This application is based upon and claims the benefits of priority from the prior Japanese Patent Application No. 2003-090293, filed on March 28, 2003 and Japanese Patent Application No. 2003-112992, filed on April 17, 2003, the entire contents of which are incorporated herein by reference.

BACKGROUND OF THE INVENTION 

(1) Field of the Invention 

This invention relates to an inter-bus communication interface device for transmitting/receiving data between a plurality of buses, and a data security device for carrying out secure communication, and more particularly to an inter-bus communication interface device for carrying out transfer of data via a buffer, and a data security device capable of carrying out cryptographic processing by using a hardware circuit.

(2) Description of the Related Art 

Electronic equipment, such as a video camera and the like, sometimes includes an information processing unit for performing predetermined processing, in addition to a CPU (Central Processing Unit) for control of the whole equipment. For example, when electronic equipment is connected to a LAN (Local Area Network), a LAN interface containing the CPU can be mounted in the equipment to carry out highly sophisticated processing, such as encryption of communication data.

Data communication is carried out as required between an information processing unit containing the CPU (hereinafter referred to as the "internal CPU") and an external host apparatus (hereinafter referred to as the "external host") for control of the whole electronic equipment. The external host as well contains a CPU, and in an interface of various kinds of devices and apparatuses requiring data communication with such an external device or apparatus, a buffer called a FIFO (First-In First-Out) is generally used to secure transfer efficiency. The FIFO is a buffer of a type that outputs data in the order that the data are stored. Data transmitted/received between the external host and the internal CPU is once written in the FIFO, and then read out from the FIFO by the opposite party of communication.

FIG. 46 is a conceptual view showing a method employed by the internal CPU in receiving data from the external host. As shown in FIG. 46, a receive FIFO 920 for receiving data is disposed between the external host 910 and the internal CPU 930. In the illustrated example, it is assumed that the FIFO 920 includes a buffer area for storing data, and an interrupt-generating circuit for asserting an interrupt signal when the buffer area is full of data.

The external host 910 writes communication data into the FIFO 920 (step S101). Then, the FIFO 920 asserts an interrupt signal (step S102). The internal CPU 930 having detected the interrupt signal reads the communication data therein from the FIFO 920 (step S103).

FIG. 47 is a flowchart showing the procedure of operations executed in a process for receiving data from the external host by the internal CPU. In the following, the process shown in FIG. 47 will be described in the order of step numbers.

[Step S111] The external host 910 writes data into the FIFO 920. It should be noted that the external host 910 adds data end information to a trailing end of data to be transferred. After the data end information is added, when the FIFO 920 has an empty area, the external host 910 writes invalid data (e.g. data formed by only "0") so as to fill the FIFO 920 with data.

[Step S112] The FIFO 920 determines whether or not its buffer area is full of data. If the buffer area is not full of data, the step S111 is repeatedly carried out.

[Step S113] If the FIFO 920 determines that the buffer area is full of data, the process proceeds to a step S114.

[Step S114] The FIFO 920 asserts an interrupt signal.

[Step S115] The internal CPU 930 reads out data in the FIFO 920, when it has detected the assertion of the interrupt signal.

[Step S116] When the FIFO 920 becomes empty of data, the internal CPU 930 terminates the reading of data, and the process proceeds to the step S111. After that, following data is written in the FIFO 920 by the external host 910.

[Step S117] Further, whenever the internal CPU 930 reads out data from the FIFO 920, it always checks whether or not the data read out is the data end information. When the data end information is detected, the internal CPU 930 terminates the data-receiving process.

FIG. 48 is a conceptual view showing a method employed by the internal CPU for transmitting data to the external host. As shown in FIG. 48, a transmit FIFO 940 for transmitting data is disposed between the external host 910 and the internal CPU 930. It should be noted that the FIFO 940 includes a buffer area for storing data, and a circuit for asserting a transmit data-related request signal when the buffer area is full of data.

The internal CPU 930 writes communication data in the FIFO 940 (step S121). Then, the FIFO 940 asserts the transmit data-related request signal (step S122). The external host 910 having detected the transmit data-related request signal reads the communication data therein from the FIFO 940 (step S123).

FIG. 49 is a flowchart showing the procedure of operations executed in a process for transmitting data to the external host by the internal CPU. In the following, the process shown in FIG. 49 will be described in the order of step numbers.

[Step S131] The internal CPU 930 writes data into the FIFO 940.

[Step S132] The FIFO 940 asserts the transmit data-related request signal.

[Step S133] The external host 910 reads data from the buffer area in the FIFO 940.

[Step S134] If the FIFO 940 is not empty, the external host 910 continues the reading of data in the step S133.

[Step S135] If the FIFO 940 becomes empty of data, the external host 910 terminates the reading of data.

As described above, the transmission/reception of data via the FIFO is carried out.

Although in the above example, the termination of writing of data into the FIFO 920 is notified by the assertion of the interrupt signal when data is transferred from the external host 910 to the internal CPU 930, this is not limitative, but the termination of writing of data into the FIFO 920 can be notified by another method. For example, if there is provided a request circuit for transmitting a reading request, a reading request can be transmitted via the circuit (as disclosed e.g. in Japanese Unexamined Patent Publication (Kokai) No. H11-18122, FIGS. 1 and 2).

SUMMARY OF THE INVENTION 

In the conventional technique, however, to detect the trailing end of data transferred from the external host 910 to the internal CPU 930, the internal CPU 930 has to sequentially analyze the contents of the data, which imposes an excess load on the internal CPU. Moreover, since all the data required for communication are transferred via the FIFOs 920 and 940, it is impossible to change communication control information during execution of transmission/reception of data.

Further, although the internal CPU 930 starts to read data from the FIFOs 920 and 940 in response to the interrupt signal, unless the FIFOs 920 and 940 are full of data, all the data in the FIFOs cannot be read by interrupt control. To overcome this problem, invalid data is required to be added to the trailing end of data by the external host 910 to cause the amount of data in the FIFOs 920 and 940 to reach a fixed value. Consequently, data to be written into the FIFOs 920 and 940 by software is processed by the external host 910, resulting in an increased time period of execution therefor. This offers an obstacle to high-speed communication.

It should be noted that the above request circuit disclosed in Japanese Unexamined Patent Publication (Kokai) No. 11-18122 simply transmits a reading request, and it cannot be used for transmitting desired control information concerning data communication. More specifically, the processing for asserting the interrupt signal (step S102) in FIG. 46 is simply replaced by processing for setting a request for reading data into the request circuit. Furthermore, in response to the setting of the reading request, the reading of data is started by the opposite party of communication, and therefore, writing of information other than the reading request in the request circuit makes it impossible to perform normal data communication.

Further, the input or output of data sometimes involves encryption or decryption of the data. The processing for encryption or decryption of data imposes an excessively heavy load on the internal CPU, so that to input or output data efficiently, it is important to make the process for encryption or decryption of data to be transferred more efficient than ever.

The present invention has been made in view of the above-described points to be improved, and a first object thereof is to provide an inter-bus communication interface device, an information processing unit, an external host apparatus, and an inter-bus communication control method, which are capable of efficiently performing transfer of data between a plurality of devices connected to different buses.

A second object of the present invention is to provide a data security device, a data communication device, and a data-securing method, which are capable of performing cryptographic processing at a high speed irrespective of the processing performance of CPUs.

To attain the first object, there are provided an inter-bus communication interface device, an information processing unit, an external host apparatus, and an inter-bus communication control method.

The inter-bus communication interface device controls data communication between a first bus and a second bus and is characterized by comprising a buffer for storing communication data sent from a first device connected to the first bus, a register for storing communication control information concerning the communication data, and a control circuit for passing the communication data stored in the buffer to a second device connected to the second bus, and passing the communication control information stored in the register to the second device.

The information processing unit carries out information processing in cooperation with an external host apparatus connected thereto via an external connection bus, and is characterized by comprising an internal CPU, a receive buffer for storing receive data received from the external host apparatus, a receive register for storing receive communication control information concerning the receive data, a transmit buffer for storing transmit data transmitted from the internal CPU via an internal bus, a transmit register for storing transmit communication control information concerning the transmit data, and a control circuit for passing the receive data stored in the receive register to the internal CPU and passing the receive communication control information stored in the receive register to the internal CPU, and further passing the transmit data stored in the transmit buffer to the external host apparatus and passing the transmit communication control information stored in the transmit register to the external host apparatus.

The external host apparatus carries out processing in cooperation with an information processing unit for performing specific information processing, and is characterized by comprising a data-reading unit for reading transmit data into a transmit buffer within the information processing unit by designating an address of the transmit buffer in response to a transmit data-related request signal for requesting reception of transmit data outputted from the information processing unit, and reading transmit communication control information into a transmit register within the information processing unit by designating an address of the transmit register, and data-writing means for writing receive data into a receive buffer within the information processing unit by designating an address of the receive buffer in response to a receive data-related request signal outputted from the information processing unit for indicating that data can be received, and writing receive communication control information into a receive register within the information processing unit by designating an address of the receive register.

The inter-bus communication control method controls data communication between a first device connected to a first bus and a second device connected to a second bus, via an inter-bus communication interface device, and is characterized by comprising the steps of causing the first device to store communication data to be passed to the second device in a buffer within the inter-bus communication interface device, causing the first device to store communication control information concerning the communication data in a register within the inter-bus communication interface device, causing the inter-bus communication interface device to output an interrupt signal to the second device, when the buffer is full of the communication data, or when the communication control information is stored in the register, and causing the second device to read out the communication data in the buffer or the communication control information in the register in response to the interrupt signal.

To attain the second object, there are provided a data security device, a data communication device, and a data security method.

The data security device carries out processing for securing data, and is characterized by comprising a data-acquiring circuit for acquiring data to be processed, a cryptographic processing circuit for performing cryptographic processing of input data, and a data input/output control circuit connected to the data-acquiring circuit via a first bus and connected to the cryptographic processing circuit via a second bus, for acquiring the data to be processed which is acquired by the data-acquiring circuit via the first bus, for storage in an internal memory thereof, inputting the data to be processed to the cryptographic processing circuit via the second bus, and acquiring result data as a result of execution of the cryptographic processing from the cryptographic processing circuit via the second bus.

The data communication device transmits/receives secured data via a network, and is characterized by comprising a main CPU for generating transmit data, a cryptographic processing circuit for encrypting input data, a communication circuit for transmitting the input data via the network, and a data input/output control circuit connected to the main CPU and the communication circuit via a first bus and connected to the cryptographic processing circuit via a second bus, for acquiring the transmit data acquired by the main CPU via the first bus, for storage in an internal memory thereof, inputting the transmit data to the cryptographic processing circuit via the second bus, acquiring encrypted data from the cryptographic processing circuit via the second bus, and inputting the encrypted data to the communication circuit.

The data-securing method of securing data is characterized by comprising the steps of causing a data input/output control circuit to acquire data to be processed which is acquired by a data-acquiring circuit, via a first bus, for storage in an internal memory thereof, causing the data input/output control circuit to input the data to be processed to an authentication processing circuit via a second bus, and causing the authentication processing circuit to carry out authentication processing of the data to be processed.

The above and other objects, features and advantages of the present invention will become apparent from the following description when taken in conjunction with the accompanying drawings which illustrate preferred embodiments of the present invention by way of example.

BRIEF DESCRIPTION OF THE DRAWINGS 

FIG. 1 is a conceptual diagram of the invention applied to a first embodiment of the present invention;

FIG. 2 is a diagram showing a hardware configuration of a device according to the first embodiment;

FIG. 3 is a diagram showing an example of the internal configuration of an external connection interface;

FIG. 4 is a first diagram showing an example of the data structure of data stored in a status register;

FIG. 5 is a second diagram showing the remaining part of the data structure of the data stored in the status register;

FIG. 6 is a flowchart showing the procedure of operations executed in a process for receiving data;

FIG. 7 is a flowchart showing the procedure of operations executed in a process for transmitting data;

FIG. 8 is a diagram showing an example of configuration of signals in the internal bus;

FIG. 9 is a diagram showing an example of configuration of signals of the external connection interface;

FIG. 10 is a timing chart useful in explaining data reception;

FIG. 11 is a timing chart useful in explaining data transmission;

FIG. 12 is a flowchart showing the procedure of operations executed in a process for data reception by the external host;

FIG. 13 is a flowchart showing the procedure of operations executed in a process for data transmission by the external host;

FIG. 14 is a conceptual diagram of the invention applied to a second embodiment of the present invention;

FIG. 15 shows an example of a system configuration according to the second embodiment;

FIG. 16 is a diagram showing the circuit configuration of a camera system;

FIG. 17 is a flowchart of the procedure of operations executed in a process for data transmission;

FIG. 18 is a diagram showing a first step in data distribution;

FIG. 19 is a diagram showing a second step in the data distribution;

FIG. 20 is a diagram showing a third step in the data distribution;

FIG. 21 is a diagram showing a fourth step in the data distribution;

FIG. 22 is a diagram showing a fifth step in the data distribution;

FIG. 23 is a diagram showing a sixth step in the data distribution;

FIG. 24 is a diagram showing a seventh step in data distribution;

FIG. 25 is a diagram showing an eighth step in the data distribution;

FIG. 26 is a flowchart showing the procedure of operations executed in a process for data reception;

FIG. 27 is a diagram showing an example of the internal configuration of a security network controller;

FIG. 28 is a diagram showing data stored in an internal RAM of an IPsec control circuit for DES processing;

FIG. 29 is a diagram showing the configuration of the internal RAM of the IPsec control circuit when SHA1 processing is performed;

FIG. 30 is a diagram showing the internal configuration of the IPsec control circuit;

FIG. 31 is a diagram showing the internal configuration of a cryptographic processing circuit;

FIG. 32 is a diagram showing the internal configuration of a hash function processing circuit;

FIG. 33 is a first diagram showing operations of each circuit for cryptographic processing in a time sequence;

FIG. 34 is a second diagram showing operations of each circuit for cryptographic processing in a time sequence;

FIG. 35 is a diagram showing operations of circuits for hash value generation processing in a time sequence;

FIG. 36 is a first timing chart showing operation waveforms of signals in buses between the IPsec control circuit and the cryptographic processing circuit;

FIG. 37 is a second timing chart showing operation waveforms of the signals in the buses between the IPsec control circuit and the cryptographic processing circuit;

FIG. 38 is a timing chart showing operation waveforms of the signals in the buses between the IPsec control circuit and the hash function processing circuit;

FIGS. 39A and 39B are diagrams useful in explaining the respective ranges of encryption and authentication in the transport mode ESP, in which FIG. 39(A) shows an IPv4 packet, while FIG. 39(B) shows an IPv6 packet;

FIG. 40 is a diagram showing an authentication range of AH;

FIG. 41 is a diagram showing the size of an IP packet;

FIG. 42 is a diagram showing a phase 1 using IKE main mode;

FIG. 43 is a diagram showing results of evaluations of performance of the cryptographic processing by the prior art and that of the cryptographic processing by the second embodiment;

FIG. 44 is a diagram showing results of evaluations of performance of the hash function processing by the prior art and that of the hash function processing by the second embodiment;

FIG. 45 is a diagram showing an example of the system configuration of a third embodiment of the present invention;

FIG. 46 is a conceptual view showing a method employed by the internal CPU in receiving data from the external host;

FIG. 47 is a flowchart showing the procedure of operations executed in a process for receiving data from the external host by the internal CPU;

FIG. 48 is a conceptual view showing a method employed by the internal CPU for transmitting data to the external host; and

FIG. 49 is a flowchart showing the procedure of operations executed in a process for transmitting data to the external host by the internal CPU.

DESCRIPTION OF THE PREFERRED EMBODIMENTS 

The present invention will now be described in detail with reference to the accompanying drawings showing preferred embodiments thereof.

[First Embodiment]

First, the outline of the invention applied to the first embodiment will be described, and then a description will be given of details of the first embodiment.

FIG. 1 is a conceptual diagram of the invention applied to the first embodiment. An inter-bus communication interface device 1 controls data communication between a first bus 4 and a second bus 5. A first device 2 is connected to the first bus 4, while a second device 3 is connected to the second bus 5. The inter-bus communication interface device 1 includes a buffer 1a, a register 1b, and a control circuit 1c. The buffer 1a stores communication data 6 sent from the first device 2 connected to the first bus 4. The register 1b stores communication control information 7 of the communication data 6. The control circuit 1c passes the communication data 6 stored in the buffer 1a to the second device 3 connected to the second bus 5 and passes the communication control information 7 stored in the register 1b to the second device 3 at the same time.

In the device configured as above, to transmit communication data 6 from the first device 2, the communication data 6 is written into the buffer 1a, while to transmit communication control information 7 from the first device 2, the communication control information 7 is written into the register 1b. For example, when there is streaming communication data 6 to be transmitted, the first device 2 sequentially writes the communication data 6 into the buffer 1a. Then, when the writing of the communication data 6 has been completed, the first device 2 writes data end information indicative of the end of the communication data 6 into the register 1b, as communication control information 7. This causes the communication data 6 to be transferred from the first device 2 to the second device 3 via the buffer 1a, and the communication control information 7 to be transferred from the first device 2 to the second device 3 via the register 1b.

As described above, the communication control information 7 is transferred via the register 1b provided separate from the buffer 1a storing the communication data 6, which simplifies a process executed in the second device 3 for discriminating between the communication data 6 and the communication control information 7. More specifically, the second device 3 can recognize that the data read from the buffer 1a is the communication data 6 and that the data read from the register 1b is the communication control information 7. Thus, data communication between the buses is performed efficiently. To be more specific, since the data end information is transferred via the register 1b, the second device 3 can recognize the end of the communication data 6 without analyzing the contents of the communication data 6. As a result, processing load on the second device 3 is reduced.
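
The following C model is an added example, not code from the patent: it replays the conventional receive procedure of FIG. 47 and the buffer-plus-register scheme of FIG. 1 on the same constructed payload and counts bus writes, content comparisons and interrupts. The FIFO depth, the in-band end-mark value, the register bit layout and all function names are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FIFO_DEPTH   8u           /* assumed buffer depth, in 32-bit words */
#define END_MARK     0xE0F0E0F0u  /* assumed in-band data end information */
#define REG_DATA_END 0x1u         /* assumed "data end" bit in the register */
#define SAMPLE_WORDS 10u          /* constructed payload: one full buffer + 2 words */

struct xfer_stats {
    size_t bus_writes;  /* words the sender wrote over the bus */
    size_t compares;    /* words the receiver inspected for the end mark */
    size_t interrupts;  /* interrupts asserted toward the receiver */
    size_t received;    /* payload words delivered to the receiver */
};

struct fifo { uint32_t w[FIFO_DEPTH]; size_t fill; };

/* Conventional scheme (FIG. 47): the end mark travels inside the FIFO and the
 * interrupt fires only on a full FIFO, so the sender pads with zero words. */
struct xfer_stats inband_transfer(const uint32_t *src, size_t n, uint32_t *dst)
{
    struct xfer_stats s = {0, 0, 0, 0};
    struct fifo f;
    size_t i = 0;
    int end_sent = 0, done = 0;

    while (!done) {
        f.fill = 0;
        while (f.fill < FIFO_DEPTH) {              /* steps S111 to S113 */
            uint32_t v = 0;                        /* invalid padding data */
            if (i < n) v = src[i++];
            else if (!end_sent) { v = END_MARK; end_sent = 1; }
            f.w[f.fill++] = v;
            s.bus_writes++;
        }
        s.interrupts++;                            /* step S114 */
        for (size_t k = 0; k < f.fill; k++) {      /* steps S115 to S117 */
            s.compares++;                          /* every word is analyzed */
            if (f.w[k] == END_MARK) { done = 1; break; }
            dst[s.received++] = f.w[k];
        }
    }
    return s;
}

/* First embodiment (FIG. 1): payload goes to buffer 1a, data end information
 * goes to register 1b; interrupt on buffer full or on a register write. */
struct xfer_stats register_transfer(const uint32_t *src, size_t n, uint32_t *dst)
{
    struct xfer_stats s = {0, 0, 0, 0};
    struct fifo buf;
    uint32_t reg = 0;
    size_t i = 0;

    while (!(reg & REG_DATA_END)) {
        buf.fill = 0;
        while (i < n && buf.fill < FIFO_DEPTH) {
            buf.w[buf.fill++] = src[i++];
            s.bus_writes++;
        }
        if (i == n) { reg |= REG_DATA_END; s.bus_writes++; } /* one register write */
        s.interrupts++;
        /* The receiver drains the buffer without inspecting its contents; the
         * end of data is read from the register, which the loop condition checks. */
        memcpy(dst + s.received, buf.w, buf.fill * sizeof buf.w[0]);
        s.received += buf.fill;
    }
    return s;
}

static void make_sample(uint32_t *p)
{
    for (size_t i = 0; i < SAMPLE_WORDS; i++) p[i] = 0x1000u + (uint32_t)i;
}

struct xfer_stats run_inband_sample(void)
{
    uint32_t src[SAMPLE_WORDS], dst[SAMPLE_WORDS];
    make_sample(src);
    return inband_transfer(src, SAMPLE_WORDS, dst);
}

struct xfer_stats run_register_sample(void)
{
    uint32_t src[SAMPLE_WORDS], dst[SAMPLE_WORDS];
    make_sample(src);
    return register_transfer(src, SAMPLE_WORDS, dst);
}

/* Returns 1 when both schemes deliver the constructed payload unchanged. */
int sample_payload_intact(void)
{
    uint32_t src[SAMPLE_WORDS], a[SAMPLE_WORDS], b[SAMPLE_WORDS];
    make_sample(src);
    inband_transfer(src, SAMPLE_WORDS, a);
    register_transfer(src, SAMPLE_WORDS, b);
    return memcmp(src, a, sizeof src) == 0 && memcmp(src, b, sizeof src) == 0;
}

int main(void)
{
    struct xfer_stats a = run_inband_sample(), b = run_register_sample();
    printf("in-band : writes=%zu compares=%zu irq=%zu\n", a.bus_writes, a.compares, a.interrupts);
    printf("register: writes=%zu compares=%zu irq=%zu\n", b.bus_writes, b.compares, b.interrupts);
    return sample_payload_intact() ? 0 : 1;
}
```
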

Although FIG. 1 shows only data communication from the first device 2 to the second device 3, it is also possible to perform data communication in the reverse direction with the same configuration. Hereafter, the first embodiment will be described in detail by taking the example of an information processing unit incorporating an inter-bus communication interface device capable of bi-directional communication to which the present invention is applied.

FIG. 2 is a diagram showing a hardware configuration of the device according to the first embodiment. As shown in FIG. 2, the information processing unit 100 is connected to an external host 200 via an external connection bus 10.

The information processing unit 100 is comprised of an internal CPU 110, an external connection interface 120, and peripheral circuits 130 and 140, all of which are interconnected via an internal bus 150.

The internal CPU 110 controls the overall operation of the information processing unit 100. The external connection interface 120 is connected to the external host 200 via the external connection bus 10, for relay of data communication between the external host 200 and the internal CPU 110. The peripheral circuits 130 and 140 are circuits for carrying out predetermined data processing. For example, the peripheral circuits 130 and 140 may be encryption/decryption circuits and a LAN communication circuit.

In the device having the circuit configuration described above, data communication is performed between the external host 200 and the internal CPU 110 within the information processing unit 100 via the external connection interface 120. In the following, the configuration of the external connection interface 120 will be described in detail.

FIG. 3 is a diagram showing an example of the internal configuration of the external connection interface. The external connection bus 10 is comprised of a data bus 11, a control signal input bus 12, and a control signal output bus 13. The data bus 11 is a bus for bi-directional transfer of data communicated between the external host 200 and the information processing unit 100.

The control signal input bus 12 is a bus for inputting control signals from the external host 200 to the external connection interface 120. The control signal input bus 12 includes signal lines provided, respectively, for a chip select signal (EX_CSX), an address signal (EX_A), a read strobe signal (EX_RDX), and a write strobe signal (EX_WRX). The chip select signal (EX_CSX) is a signal that designates one of memory circuits (including FIFOs and various registers) to be accessed. The address signal (EX_A) is a signal that designates a storage area to be accessed in the memory circuit to be accessed. The read strobe signal (EX_RDX) is a signal that indicates the access is for reading. The write strobe signal (EX_WRX) is a signal that indicates the access is for writing.

The control signal output bus 13 is a bus for outputting control signals from the external connection interface 120 to the external host 200. The control signal output bus 13 includes signal lines provided, respectively, for a receive data-related request signal (RX_DRQX) and a transmit data-related request signal (TX_DRQX). The receive data-related request signal (RX_DRQX) is a signal that notifies the external host 200 that data can be received. The transmit data-related request signal (TX_DRQX) is a signal that notifies the external host 200 that there is data to be transmitted.

The external connection interface 120 is comprised of receive FIFOs (RX_FIFO) 121a and 121b, a transmit FIFO (TX_FIFO) 122, a receive register (RX_REG) 123, a transmit register (TX_REG) 124, a bus interface (BUS IF) 125, a status register (ST_REG) 126, and a control block 127.

The receive FIFOs 121a and 121b are data storage areas for storing data received from the external host 200. The receive FIFOs 121a and 121b are connected to the external host 200 via the data bus 11 within the external connection bus 10. The receive FIFOs 121a and 121b are also connected to the bus interface 125. The receive FIFOs 121a and 121b are configured as a double buffer formed by single-port buffers, wherein it is possible to read data from one of the receive FIFOs while storing data in the other receive FIFO. In the description of the first embodiment, the receive FIFO 121a is referred to as an A-side receive FIFO, and the receive FIFO 121b as a B-side receive FIFO. When storing and reading of data have been completed, the receive FIFO for storing and the receive FIFO for reading are swapped, and then storing and reading of data are continued.

The transmit FIFO 122 is a data storage area for 
storing data to be transmitted to the external host 200. 
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The transmit FIFO 122 is connected to the external host 
200 via the data bus 11 of the external connection bus 10. 
On the other hand, the receive FIFOs 121a and 121b are 
connected to the bus interface 125 . In the first 

5 embodiment , the transmit FIFO 122 is implemented by a 
dual-port buffer which can perform data writing and data 
reading at the same time. 

The receive register 123 is a storage area for
storing communication control information such as data end
information of receive data. The receive register 123 is
connected between the data bus 11 of the external
connection bus 10 and the bus interface 125, in parallel
with the receive FIFOs 121a and 121b.

The transmit register 124 is a storage area for
storing communication control data such as data end
information of transmit data. The transmit register 124
is connected between the data bus 11 of the external
connection bus 10 and the bus interface 125, in parallel
with the transmit FIFO 122.

The bus interface 125 is an interface for
communication with the internal CPU 110 via the internal
bus 150. The bus interface 125 transmits data stored in
the receive FIFOs 121a and 121b to the internal CPU 110
via the internal bus 150, and stores data from the
internal CPU 110 in the transmit FIFO 122. Further, the
bus interface 125 transmits signals, such as a reception
interrupt signal and a DMA transfer request signal, to the
internal CPU 110. The reception interrupt signal is
asserted when the receive FIFOs 121a and 121b are filled
with data or when data end information is stored in the
receive register 123. The DMA transfer request signal is
a signal asserted for execution of DMA transfer.

The status register 126 is a register that indicates
the status of each of the FIFOs and the registers. The
information registered in the status register 126 will be
described in detail hereinafter (see FIGS. 4 and 5).

The control block 127 is a controller that controls
the external connection interface 120. Although not shown
in FIG. 3, the control block 127 is connected to other
components. Further, the control block 127 is connected
to the control signal input bus 12 and the control signal
output bus 13 of the external connection bus 10.

Next, the data structure of the status register 126 
will be described with reference to FIGS. 4 and 5. 

FIG. 4 is a first diagram showing an example of the
data structure of data stored in the status register.
FIG. 5 is a second diagram showing the remaining part of
the data structure of the data stored in the status
register. The status register 126 is a 32-bit register.
FIG. 4 shows information set to bit 31 to bit 2, and FIG.
5 shows information set to bit 1 and bit 0. In FIGS. 4
and 5, bit names, initial values, restrictions on access
(permission/inhibition of read (R)/write (W)) by the
internal CPU 110, and functions, are specifically shown
for the bits.

As shown in FIG. 4, bits 31 to 10 are not used 
currently, but reserved for future use. The initial value 
thereof is "0". 

Bits 7 and 6 have a bit name "TX_FIFO", and an
initial value "00". These bits can be accessed only for
read (R). The two bits indicate the status of the
transmit FIFO 122. The value "00" indicates that no data
exists in the transmit FIFO 122 or that data has been
cleared. A value "01" indicates that data exists in the
transmit FIFO 122. A value "10" indicates that the
transmit FIFO 122 is full of data. A value "11" is
reserved for future use.

Bits 5 and 4 have a bit name "RX_FIFO_B" and an
initial value "00". These bits can be accessed only for
read (R). The two bits indicate the status of the B-side
receive FIFO 121b. The value "00" indicates that no data
exists in the B-side receive FIFO 121b or that data has
been cleared. A value "01" indicates that data exists in
the B-side receive FIFO 121b. A value "10" indicates that
the B-side receive FIFO 121b is full of data. A value
"11" is reserved for future use.

Bits 3 and 2 have a bit name "RX_FIFO_A" and an
initial value "0". These bits can be accessed only for
read (R). The two bits indicate the status of the A-side
receive FIFO 121a. The value "00" indicates that no data
exists in the A-side receive FIFO 121a or that data has
been cleared. A value "01" indicates that data exists in
the A-side receive FIFO 121a. A value "10" indicates that
the A-side receive FIFO 121a is full of data. A value
"11" is reserved for future use.

Bit 1 has a bit name "TX_REG_OUT" and an initial
value "0". This bit can be accessed only for read (R).
The bit indicates the status of the transmit register 124.
It should be noted that the value of this bit is cleared
immediately after the data is read out (i.e. read-cleared).
The value "0" indicates that there is no data
outputted to the transmit register 124 or that data has
been cleared. The value "1" indicates that there has been
data outputted to the transmit register 124.

Bit 0 has a bit name "RX_REG_IN" and an initial
value "0". This bit can be accessed only for read (R).
The bit indicates the status of the receive register 123.
It should be noted that the value of this bit is cleared
immediately after the data is read out (i.e. read-cleared).
The value "0" indicates that no data exists in
the receive register 123 or that data has been cleared. A
value "1" indicates that data exists in the receive
register 123.

With the configuration described above, processes
described below are executed.

First, a process for receiving data from the
external host 200 will be described in detail.

FIG. 6 is a flowchart showing the procedure of
operations executed in the process for receiving data. In
the following, the process shown in FIG. 6 will be
described in the order of step numbers.

[Step S11] The external host 200 writes data into
one of the receive FIFOs 121a and 121b. It should be
noted that when writing of data in the receive FIFO 121a
or 121b is started, information indicating that valid data
exists in the receive FIFO in use for the writing is set
in the status register 126. More specifically, if writing
of data into the A-side receive FIFO 121a is executed, the
value "01" is set to the bits 3 and 2 of the status
register 126. On the other hand, if writing of data into
the B-side receive FIFO 121b is executed, the value "01"
is set to the bits 5 and 4 of the status register 126.

[Step S12] When the receive FIFO in use for the
writing becomes full of data, the control block 127 of the
external connection interface 120 detects the status, and
the process proceeds to a step S14.

At this time, the control block 127 sets in the
status register 126 the value indicating that the receive
FIFO is full of data. More specifically, if the A-side
receive FIFO 121a has become full of data, the value "10"
is set to the bits 3 and 2 of the status register 126. On
the other hand, if the B-side receive FIFO 121b has become
full of data, the value "10" is set to the bits 5 and 4 of
the status register 126.

Further, the control block 127 swaps the receive
FIFOs for writing. More specifically, when the A-side
receive FIFO 121a becomes full of data, the receive FIFO
for use in writing by the external host 200 is switched to
the B-side receive FIFO 121b. On the other hand, when the
B-side receive FIFO 121b becomes full of data, the receive
FIFO for use in writing by the external host 200 is
switched to the A-side receive FIFO 121a. After the
swapping of the receive FIFOs for writing, data sent from
the external host 200 is written into the receive FIFO
newly selected for writing, in parallel with execution of
the steps S14 to S16.

[Step S13] Further, when it is time for transmission
of communication control information, e.g. when writing of
data to be transferred has been completed, the external
host 200 writes communication control information, such as
data end information, into the receive register 123. At
the same time, the control block 127 sets in the status
register 126 a value indicating that the communication
control information has been set in the receive register
123. More specifically, the value "1" is set to the bit 0
of the status register 126.

[Step S14] When the receive FIFO becomes full of
data or when the communication control information is
written into the receive register 123, the control block
127 controls the bus interface 125 to assert an interrupt
signal to the internal CPU 110.

[Step S15] In response to the assertion of the
interrupt signal, the internal CPU 110 reads data from the
status register 126 of the external connection interface
120 (i.e. executes status read). Then, the internal CPU
110 analyzes the contents of the status register 126. If
it is indicated that the receive FIFO is full of data, the
process proceeds to the step S16, whereas if it is
indicated that data, such as the data end information, has
been set in the receive register 123, the process proceeds
to a step S17.

[Step S16] The internal CPU 110 reads the data
written in the receive FIFO. More specifically, when the
value "10" has been set to the bits 3 and 2 of the status
register 126, the internal CPU 110 acquires the data from
the A-side receive FIFO 121a. When the value "10" has
been set to the bits 5 and 4 of the status register 126,
the internal CPU 110 acquires the data from the B-side
receive FIFO 121b.

It should be noted that when data in the receive
FIFO is read by the internal CPU 110, the value indicative
of absence of data in the receive FIFO is set to the
status register 126 by the control block 127. More
specifically, when data is read from the A-side receive
FIFO 121a, the value "00" is set to the bits 3 and 2 of
the status register 126. On the other hand, when data is
read from the B-side receive FIFO 121b, the value "00" is
set to the bits 5 and 4 of the status register 126.

Then, the process proceeds to the step S11, wherein
writing of data from the external host 200 into the
receive FIFO is continued.

[Step S17] The internal CPU 110 reads the contents
of the receive register 123. If the contents written in
the receive register 123 are data end information, the
process proceeds to a step S18. If communication control
information other than data end information has been
written in the receive register 123, the process proceeds
to the step S11, wherein writing of data from the external
host 200 into the receive FIFO is continued.

[Step S18] When having acquired the data end
information of the received data, the internal CPU 110
reads data from the receive FIFO storing data. Which of
the two receive FIFOs 121a and 121b stores valid data can
be determined based on a value set to the status register
126. More specifically, when the value "01" has been set
to the bits 3 and 2 of the status register 126, the valid
data is stored in the A-side receive FIFO 121a. On the
other hand, when the value "01" has been set to the bits 5
and 4 of the status register 126, the valid data is stored
in the B-side receive FIFO 121b.

The above described passing of communication control
information via the receive register 123 eliminates the
need to analyze contents of data stored in the receive
FIFOs 121a and 121b. As a result, data reception from the
external host 200 can be performed efficiently.
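The receive procedure of steps S11 to S18 and the status register fields it relies on can be modeled in software. The following C sketch is an added example, not part of the patent text: the FIFO depth of four words, the data-end code and all function names are assumptions, and the external connection interface 120 is modeled as a plain struct rather than hardware.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Status register 126 fields as listed in the text (bits 31..10 reserved). */
#define ST_RX_REG_IN    (1u << 0)          /* read-cleared */
#define ST_TX_REG_OUT   (1u << 1)          /* read-cleared */
#define ST_RX_FIFO_A(s) (((s) >> 2) & 3u)
#define ST_RX_FIFO_B(s) (((s) >> 4) & 3u)
enum { FIFO_EMPTY = 0, FIFO_DATA = 1, FIFO_FULL = 2, FIFO_RESERVED = 3 };
/* Assumptions, not from the text: FIFO depth and the data-end encoding. */
#define FIFO_DEPTH    4
#define CTRL_DATA_END 0x1u

struct ext_if {
    uint32_t fifo[2][FIFO_DEPTH];   /* [0] = A side 121a, [1] = B side 121b */
    size_t   fill[2];
    int      wr_side;               /* side the external host writes into */
    uint32_t rx_reg, status;
    int      irq;                   /* INT, active high */
};

static void set_fifo_state(struct ext_if *d, int side, uint32_t st) {
    unsigned shift = side ? 4 : 2;
    d->status = (d->status & ~(3u << shift)) | (st << shift);
}

/* Steps S11/S12: host writes one word; a full FIFO raises INT and swaps sides. */
int host_write_fifo(struct ext_if *d, uint32_t word) {
    int s = d->wr_side;
    if (d->fill[s] == FIFO_DEPTH) return -1;     /* both sides still full */
    d->fifo[s][d->fill[s]++] = word;
    set_fifo_state(d, s, FIFO_DATA);
    if (d->fill[s] == FIFO_DEPTH) {
        set_fifo_state(d, s, FIFO_FULL);
        d->wr_side = !s;
        d->irq = 1;
    }
    return 0;
}

/* Step S13: host writes communication control information. */
void host_write_reg(struct ext_if *d, uint32_t ctrl) {
    d->rx_reg = ctrl;
    d->status |= ST_RX_REG_IN;
    d->irq = 1;
}

/* Status read by the internal CPU: bits 1 and 0 clear on read, INT is negated. */
uint32_t cpu_read_status(struct ext_if *d) {
    uint32_t s = d->status;
    d->status &= ~(ST_RX_REG_IN | ST_TX_REG_OUT);
    d->irq = 0;
    return s;
}

static int drain(struct ext_if *d, int side, uint32_t *out, size_t cap, size_t *n) {
    size_t got = d->fill[side];
    if (got > cap - *n) return -1;               /* caller's buffer too small */
    memcpy(out + *n, d->fifo[side], got * sizeof out[0]);
    *n += got;
    d->fill[side] = 0;
    set_fifo_state(d, side, FIFO_EMPTY);
    return 0;
}

/* Steps S15-S18. Returns 1 on data end, 0 to keep receiving, -1 on error.
 * The status is read once and every decision uses that snapshot: a second
 * read would already show RX_REG_IN as 0 and the data end would be lost. */
int cpu_service_irq(struct ext_if *d, uint32_t *out, size_t cap, size_t *n) {
    uint32_t st = cpu_read_status(d);
    uint32_t fs[2] = { ST_RX_FIFO_A(st), ST_RX_FIFO_B(st) };
    if (fs[0] == FIFO_RESERVED || fs[1] == FIFO_RESERVED) return -1;
    if (fs[0] == FIFO_FULL && fs[1] == FIFO_FULL) return -1;  /* fill order unknown */
    for (int side = 0; side < 2; side++)         /* S16: full side first */
        if (fs[side] == FIFO_FULL && drain(d, side, out, cap, n) < 0) return -1;
    if (!(st & ST_RX_REG_IN) || d->rx_reg != CTRL_DATA_END) return 0;  /* S17 */
    for (int side = 0; side < 2; side++)         /* S18: partly filled side */
        if (fs[side] == FIFO_DATA && drain(d, side, out, cap, n) < 0) return -1;
    return 1;
}

/* Constructed scenario: six words, then data end. Returns words received. */
size_t demo_receive(uint32_t *out, size_t cap) {
    struct ext_if d;
    size_t n = 0;
    memset(&d, 0, sizeof d);
    for (uint32_t w = 1; w <= 6; w++) {
        host_write_fifo(&d, 0x100u + w);
        if (d.irq) cpu_service_irq(&d, out, cap, &n);
    }
    host_write_reg(&d, CTRL_DATA_END);
    return cpu_service_irq(&d, out, cap, &n) == 1 ? n : 0;
}

int main(void) {
    uint32_t buf[16];
    return demo_receive(buf, 16) == 6 ? 0 : 1;   /* exit 0 when all six words arrive */
}
```

The handler refuses to guess when both receive FIFOs report "10", because the status register as described does not record which side filled first; servicing each interrupt before the second FIFO fills avoids that state.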

FIG. 7 is a flowchart showing the procedure of
operations executed in a process for transmitting data.
In the following, the process shown in FIG. 7 will be
described in the order of step numbers.

[Step S21] The internal CPU 110 of the external
connection interface 120 writes data into the transmit
FIFO 122. If communication control information other than
the data, which is to be sent to the external host 200,
exists, the process proceeds to a step S22. If there is
no communication control information, the process proceeds
to a step S23.

When the writing of the data in the transmit FIFO
122 is started, information indicating that valid data
exists in the transmit FIFO 122 is set in the status
register 126 by the control block 127. More specifically,
the value "01" is set to the bits 7 and 6 of the status
register 126.

[Step S22] The internal CPU 110 writes communication
control information into the transmit register 124. At
this time, the control block 127 sets in the status
register 126 the value indicating that communication
control information, such as data end information, has
been set in the transmit register 124. More specifically,
the value "1" is set to the bit 1 of the status register
126.

[Step S23] The control block 127 asserts a transmit
data-related request signal.

[Step S24] When the transmit data-related request
signal is asserted, the external host 200 reads the data
from the transmit FIFO 122. When the transmit FIFO 122
becomes empty of data after the data reading, the data
transmission process is terminated. If the transmit FIFO
122 is not empty, the process proceeds to the step S23,
wherein the data transmission process is continued.

[Step S25] As long as the transmit data-related
request signal is asserted, the external host 200
periodically reads contents of the transmit register 124.
If any management information is stored in the transmit
register 124, the external host 200 carries out processing
according to the management information. Then, when the
transmit FIFO 122 becomes empty, the data transmission
process is terminated. If the transmit FIFO 122 is not
empty, the process proceeds to the step S23, wherein the
data transmission process is continued.

FIG. 8 is a diagram showing an example of
configuration of signals in the internal bus. The
internal bus 150 has nine kinds of signal lines.

A signal communicated via a signal line with a
terminal name "MCLK0" is named "clock signal", which is an
input signal to the external connection interface 120.
This signal line is used for inputting the synchronizing
clock signal.

A signal communicated via a signal line with a
terminal name "RSTXI" is named "reset signal", which is an
input signal to the external connection interface 120.
This signal line is used for inputting the reset signal.

A signal communicated via a signal line with a
terminal name "AO [3:0]" is named "address signal", which
is an input signal to the external connection interface 120.
This signal line is used for inputting an address.

A signal communicated via a signal line with a
terminal name "DO [31:0]" is named "write data signal",
which is an input signal to the external connection
interface 120. This signal line is used for inputting
write data.

A signal communicated via a signal line with a
terminal name "DI [31:0]" is named "read data signal",
which is an output signal from the external connection
interface 120. This signal line is used for outputting
read data.

A signal communicated via a signal line with a
terminal name "RDX0" is named "read strobe signal", which
is an input signal to the external connection interface
120. This signal line is used for inputting the read
strobe signal. The read strobe signal is an active-low
signal.

A signal communicated via a signal line with a
terminal name "WRX0 [3:0]" is named "write strobe signal",
which is an input signal to the external connection
interface 120. This signal line is used for inputting the
write strobe signal. The write strobe signal is an
active-low signal.

A signal communicated via a signal line with a
terminal name "CSX" is named "chip select signal", which
is an input signal to the external connection interface
120. This signal line is used for inputting the chip
select signal. The chip select signal is an active-low
signal.

A signal communicated via a signal line with a
terminal name "INT" is named "interrupt signal", which is
an output signal from the external connection interface
120. This signal line is used for outputting the
interrupt signal. The interrupt signal is an active-high
signal.

FIG. 9 is a diagram showing an example of
configuration of signals of the external connection
interface. The external bus 10 has nine kinds of signal
lines.

A signal communicated via a signal line with a
terminal name "EX_DI [15:0]" is named "input data signal",
which is an input signal to the external connection
interface 120. This signal line is used for inputting
data from the external host 200.

A signal communicated via a signal line with a
terminal name "EX_DO [15:0]" is named "output data
signal", which is an output signal from the external
connection interface 120. This signal line is used for
outputting data to the external host 200.

A signal communicated via a signal line with a
terminal name "EX_DOE" is named "data bus direction
switching signal", which is an output signal from the
external connection interface 120. This signal line is
used for outputting the data bus direction switching
signal.

A signal communicated via a signal line with a
terminal name "EX_CSX" is named "chip select signal",
which is an input signal to the external connection
interface 120. This signal line is used for inputting the
chip select signal. The chip select signal is an
active-low signal.

A signal communicated via a signal line with a
terminal name "EX_A" is named "address signal", which is
an input signal to the external connection interface 120.
This signal line is used for inputting the address signal.
The address signal indicates register selection when its
value is "0" and indicates FIFO selection when its value
is "1".

A signal communicated via a signal line with a
terminal name "EX_RDX" is named "read strobe signal",
which is an input signal to the external connection
interface 120. This signal line is used for inputting the
read strobe signal. The read strobe signal is an
active-low signal.

A signal communicated via a signal line with a
terminal name "EX_WRX" is named "write strobe signal",
which is an input signal to the external connection
interface 120. This signal line is used for inputting the
write strobe signal. It should be noted that the write
strobe signal is an active-low signal.

A signal communicated via a signal line with a
terminal name "RX_DRQX" is named "receive data-related
request signal", which is an output signal from the
external connection interface 120. This signal line is
used for outputting the receive data-related request
signal. The receive data-related request signal is an
active-low signal. The receive data-related request
signal is asserted low until one of the receive FIFOs 121a
and 121b becomes full of data.

A signal communicated via a signal line with a
terminal name "TX_DRQX" is named "transmit data-related
request signal", which is an output signal from the
external connection interface 120. This signal line is
used for outputting the transmit data-related request
signal. The transmit data-related request signal is an
active-low signal. When readable data exists in the
transmit register 124 and an internal RAM for
transmission, the transmit data-related request signal is
asserted low until the transmit FIFO 122 becomes full of
data.

Data communication between the external host 200 and
the internal CPU 110 is carried out using the signals
described above. In the following, data reception from
the external host 200 and data transmission to the
external host 200 will be described with reference to
timing charts.

FIG. 10 is a timing chart useful in explaining data
reception. In FIG. 10, under the clock signal (MCLKO)
supplied via the internal bus 150, there are illustrated
the signals of the external connection bus 10, and
thereunder, there are illustrated the signals of the
internal bus 150.

The signals of the external connection bus 10 are
the receive data-related request signal (RX_DRQX), the
address signal (EX_A), the chip select signal (EX_CSX),
the write strobe signal (EX_WRX), the read strobe signal
(EX_RDX), and a data signal (Data) for transmission of
data via the data bus 11. The signals of the internal bus
150 are the interrupt signal (INT), the address signal (AO
[3:0]), the chip select signal (CSX), the read strobe
signal (RDXO), and the read data signal (DI [31:0]).
Further, the value of the receive register input status
(RX_REG_IN) and that of the receive register 123 are shown
to indicate the internal status of the information
processing unit 100.

In FIG. 10, the interrupt signal is an active-high
signal whereas the others are active-low signals.
Further, the address signal (EX_A) of the external
connection bus 10 selects the register when it is low, and
selects the FIFO when it is high. The receive register
input status (RX_REG_IN) is the value set to the bit 0 of
the status register 126.

When the receive FIFO 121a (or 121b) is full, the
interrupt signal is generated. At this time, the internal
CPU 110 recognizes by reading the contents of the status
register 126 that the FIFO is full of data, and starts
reading from the receive FIFO 121b (or 121a). When it is
possible to write data in the receive FIFO 121a or 121b
(i.e. when it is not full), the receive request signal
always continues to be asserted.

In the following, changes in the signals in FIG. 10
will be described in a time sequence.

First, at a time t1, data to be passed to the
internal CPU 110 is generated in the external host 200,
and the receive register 123 is designated by the address
signal (EX_A) via the external connection bus 10.

At a time t2 (one cycle after the time t1), the chip
select signal (EX_CSX) and the write strobe signal
(EX_WRX) are asserted, and at the same time communication
control information is outputted from the external host
200 to the data bus 11.

At a time t3 (one cycle after the time t2), the
interrupt signal (INT) of the internal bus 150 is
asserted. At this time, the receive register input status
(RX_REG_IN) of the status register 126 is changed from "0"
(indicating that there is no unread data in the receive
register 123) to "1" (indicating that there is unread data
in the receive register 123). At the same time, the
communication control information is stored in the receive
register 123.

At a time t4 (one cycle after t3), the chip select
signal (EX_CSX) and the write strobe signal (EX_WRX) are
negated. At this time, the output of the communication
data from the external host 200 is stopped.

At a time t5 (one cycle after the time t4), the
internal CPU 110 outputs the address of the status
register 126 as the address signal (AO [3:0]) of the
internal bus 150.

At a time t6 (one cycle after the time t5), the chip
select signal (CSX) and the read strobe signal (RDXO) are
asserted by the internal CPU 110.

At a time t7 (one cycle after the time t6), the
contents of the status register 126 are outputted as the
read data signal (DI [31:0]). At this time, the receive
register input status (RX_REG_IN) in the status register
126 has been set to "1". Since the contents of the status
register 126 have been read, the interrupt signal (INT) is
negated.

At a time t8 (one cycle after the time t7), the chip
select signal (CSX) and the read strobe signal (RDXO) are
negated.

At a time t9 (one cycle after the time t8), the
internal CPU 110 recognizes that unread data exists in the
receive register 123, and outputs the address of the
receive register 123 as the address signal (AO [3:0]). At
this time, the output of the contents from the status
register 126 as the read data signal (DI [31:0]) is
stopped, and the receive register input status (RX_REG_IN)
in the status register 126 is set to "0".

At a time t10 (one cycle after the time t9), the
chip select signal (CSX) and the read strobe signal (RDXO)
are asserted.

At a time t11 (one cycle after the time t10), the
contents of the receive register 123 are outputted as the
read data signal (DI [31:0]). Thus, the communication
data stored in the receive register 123 is transferred to
the internal CPU 110.

At a time t12 (one cycle after the time t11), the
chip select signal (CSX) and the read strobe signal (RDXO)
are negated.

At a time t13 (one cycle after the time t12), the
output of the address of the receive register 123 as the
address signal (AO [3:0]) by the internal CPU 110 is
stopped, and at the same time the output of the contents
of the receive register 123 as the read data signal (DI
[31:0]) by the external connection interface 120 is also
stopped.

Next, a description will be given of the processes
executed for data transmission.

FIG. 11 is a timing chart useful in explaining data
transmission. In FIG. 11, under the clock signal (MCLKO)
supplied via the internal bus 150, there are illustrated
the signals of the external connection bus 10, and
thereunder, there are illustrated the signals of the
internal bus 150.

The signals of the external connection bus 10 are
the transmit data-related request signal (TX_DRQX), the
address signal (EX_A), the chip select signal (EX_CSX),
the write strobe signal (EX_WRX), the read strobe signal
(EX_RDX), and the data signal (Data) for transmission of
data via the data bus 11. The signals transmitted via the
internal bus 150 are the address signal (AO [3:0]), the
chip select signal (CSX), the write strobe signal (WRXO
[3:0]), the read strobe signal (RDXO), the write data
signal (DO [31:0]), the read data signal (DI [31:0]), and
the interrupt signal (INT). Further, the value of the
transmit register 124 and that of the transmit register
output status (TX_REG_OUT) are shown to indicate the
internal status of the information processing unit 100.

In FIG. 11, the interrupt signal (INT) is an
active-high signal (i.e. active when the value thereof is "1"),
and the other signals are active-low signals (i.e. active
when the values thereof are "0"). The address signal
(EX_A) of the external connection bus 10 selects the
register when it is low, and selects the FIFO 122 when it
is high. The transmit register status is the value set to
the bit 1 of the status register 126. The transmit
data-related request signal (TX_DRQX) is asserted when
untransmitted data exists in the transmit register 124 or
when transmittable data exists in the transmit FIFO 122.
When the contents of the status register 126 are read, the
value of the transmit register output status (TX_REG_OUT)
is cleared. As data in the transmit register 124 is read,
the transmit register 124 clears the read data stored
therein to "0". If the data in the transmit register 124
is not "0" when the data is read, the external host 200
recognizes the data as new data for transmission.

In the following, changes in the signals in FIG. 11
will be described in a time sequence.

First, at a time t21, the address of the transmit
register 124 is outputted as the address signal (AO [3:0])
by the internal CPU 110, and at the same time
communication data is outputted as the data signal (DO
[31:0]). At this time, the value of the transmit register
124 is "0". Further, the value of the transmit register
output status (TX_REG_OUT) is also "0".

At a time t22 (one cycle after the time t21), the
chip select signal (CSX) and the write strobe signal (WRXO
[3:0]) are asserted.

At a time t23 (one cycle after the time t22), the
communication data is written into the transmit register
124. More specifically, since the chip select signal
(CSX) and the write strobe signal (WRXO [3:0]) have been
asserted, the communication data is written into the
address (the address of the transmit register 124)
designated by the address signal (AO [3:0]). At this
time, the transmit data-related request signal (TX_DRQX)
of the external connection bus 10 is asserted.

At a time t24 (one cycle after the time t23), the
chip select signal (CSX) and the write strobe signal (WRXO
[3:0]) are negated.

At a time t25 (one cycle after the time t24), the
output of the address of the transmit register 124 as the
address signal (AO [3:0]) is stopped, and the output of
the write data signal (DO [31:0]) is stopped at the same
time.

At a time t26 (one cycle after the time t25), the
chip select signal (EX_CSX) and the read strobe signal
(EX_RDX) of the external connection bus 10 are asserted.

At a time t27 (one cycle after the time t26), the
communication data stored in the transmit register 124 is
outputted to the data bus 11, and the transmit
data-related request signal (TX_DRQX) is negated.

At a time t28 (one cycle after the time t27), the
chip select signal (EX_CSX) and the read strobe signal
(EX_RDX) of the external connection bus 10 are negated.
Further, since the communication data has been outputted
to the data bus 11, the interrupt signal (INT) to the
internal CPU 110 is asserted.

At a time t29 (one cycle after the time t28), the
transmit register 124 is cleared to "0", and the transmit
register output status (TX_REG_OUT) is set to "1". At
this time, the output of the communication data to the
data bus 11 of the external connection bus 10 is stopped.

At a time t30 (two cycles after the time t29), the
internal CPU 110 outputs the address of the status
register 126 as the address signal (AO [3:0]).

At a time t31 (one cycle after the time t30), the
chip select signal (CSX) and the read strobe signal (RDXO)
are asserted.

At a time t32 (one cycle after the time t31), the
data of the status register 126 is outputted as the read
data signal (DI [31:0]). Thus, the value of the status
register 126 is read by the internal CPU 110. At this
time, the interrupt signal (INT) is negated.

At a time t33 (one cycle after the time t32), the
chip select signal (CSX) and the read strobe signal (RDXO)
are negated.

At a time t34 (one cycle after the time t33), the
output of the address of the status register 126 as the
address signal (AO [3:0]) and the output of the data as
the read data signal (DI [31:0]) are stopped. At this
time, since the value of the status register 126 has been
read by the internal CPU 110, the transmit register output
status (TX_REG_OUT) is cleared to "0".

As described above, data communication between the
external host 200 and the internal CPU 110 is carried out
via the external connection interface 120. In this data
communication, since the receive register 123 and the
transmit register 124 are provided in addition to the
FIFOs, management information (such as data end
information) can be passed via those registers. This
eliminates the need to analyze data contents transmitted
via the FIFOs, one by one, which reduces processing load
on the internal CPU 110 and other components. The
internal CPU 110 can allocate the processing power saved
by the reduction of the processing load thereon, to other
processing including encryption and decryption.

It should be noted that to realize the first
embodiment, an address designated for data transmission or
reception by the external host 200 is required to be
switched between the FIFO and the register as appropriate.
Hereafter, a description will be given of the procedure of
operations executed in a process for data communication,
which is executed by the external host 200.

FIG. 12 is a flowchart showing the procedure of 
operations executed in the process for data reception by 
the external host. In the following, the process shown in 
FIG. 12 will be described in the order of step numbers. 

[Step S31] The external host 200 determines whether
or not the transmit data-related request signal (TX_DRQX)
is asserted. If the transmit data-related request signal
(TX_DRQX) is asserted, the process proceeds to a step S32,
whereas if the transmit data-related request signal is not
asserted, the step S31 is repeatedly carried out.

[Step S32] The external host 200 selects one of the
address of the transmit register 124 and the address of
the transmit FIFO 122. The selection is performed
according to a predetermined rule. For example, a cycle
of referring to data in the transmit register 124 is
determined in advance, for causing the address of the
transmit register 124 to be selected according to this
cycle, and the address of the transmit FIFO 122 to be
selected in the other timing.

[Step S33] The external host 200 receives data of
the selected address. When the address of the transmit
register 124 is selected, the data in the transmit
register 124 is received, whereas when the address of the
transmit FIFO 122 is selected, the data in the transmit
FIFO 122 is received. Then, the process proceeds to the
step S31.

As described above, as long as the transmit data-related
request signal (TX_DRQX) is asserted, the external
host 200 periodically reads from the transmit register
124. It should be noted that when data to be sent from
the information processing unit 100 to the external host
200 runs out, the transmit data-related request signal
(TX_DRQX) is negated, and read access to the transmit
register 124 or the transmit FIFO 122 by the external host
200 is interrupted.

FIG. 13 is a flowchart showing the procedure of
operations executed in a process for data transmission by
the external host. In the following, the process shown in
FIG. 13 will be described in the order of step numbers.

[Step S41] The external host 200 determines whether
or not the receive data-related request signal (RX_DRQX)
is asserted. If the receive data-related request signal
is asserted, the process proceeds to a step S42, whereas
if the receive data-related request signal is not
asserted, the step S41 is repeatedly carried out.

[Step S42] The external host 200 selects one of the
address of the receive register 123 and the address of the
receive FIFO 121a or 121b. The selection of the address
is determined according to data contents to be
transmitted. For example, when actual data to be sent to
the internal CPU 110 is to be transmitted, the address of
the FIFO 121a or 121b is selected. Then, when data end
information is to be transmitted after completion of the
transmission of the actual data, the address of the
receive register 123 is selected.

[Step S43] The external host 200 transmits the data
to the selected address. When the address of the receive
register 123 is selected, the data is transmitted to the
receive register 123, and when the address of the receive
FIFO 121a or 121b is selected, the data is transmitted to
the FIFO 121a or 121b. Then, the process proceeds to the
step S41.

As described above, when the receive data-related
request signal (RX_DRQX) is asserted, the external host
200 can store data in the receive FIFOs 121a or 121b and
the receive register 123. For example, a series of data
is read. It should be noted that when data to be
transmitted from the information processing unit 100 to
the external host 200 runs out, the transmit data-related
request signal (TX_DRQX) is negated, and the read access
from the external host 200 to the transmit register 124 or
the transmit FIFO 122 is interrupted.

It should be noted that the processing functions of
the external host 200 shown in FIGS. 12 and 13 are
accomplished by executing a program, prepared in advance,
by a CPU within the external host 200. The program
describing the details of the processes can be recorded in
a computer-readable recording medium. The computer-readable
recording medium includes a magnetic recording
device, an optical disk, a magneto-optical recording
medium, and a semiconductor memory. The magnetic
recording device includes a hard disk drive (HDD), a
flexible disk (FD), and a magnetic tape. The optical disk
includes a DVD (Digital Versatile Disk), a DVD-RAM (Random
Access Memory), a CD-ROM (Compact Disk Read Only
Memory), and a CD-R (Recordable)/RW (Rewritable).
Further, the magneto-optical recording medium includes an
MO (Magneto-Optical disk).

To make the program available on the market,
portable recording media, such as DVD and CD-ROM, which
store the program, are sold. Further, the program can be
stored in a storage device of a server computer connected
to a network, and transferred from the server computer to
another computer via the network.

When the program is executed by a computer, the
program stored e.g. in a portable recording medium or
transferred from the server computer is stored into a
storage device of the computer. Then, the computer reads
the program from the storage device of its own and
executes processing based on the program. The computer
can also read the program directly from the portable
recording medium and execute processing based on the
program. Further, the computer may also execute
processing based on a program which is transferred from
the server computer whenever the processing is to be
carried out.

As described above, in the first embodiment,
communication with external devices is enabled by
providing a transmit FIFO (TX_FIFO) and a receive FIFO
(RX_FIFO) as well as a transmit register (TX_REG) and a
receive register (RX_FIFO) in the external interface
section. When the external host 200 has written
communication control information into the receive
register 123, an interrupt signal is asserted, whereby the
internal CPU 110 can recognize that the information has
been written into the receive register 123. On the other
hand, when writing in the transmit register 124 has been
performed, the transmit data-related request signal via
the external connection bus 10 is asserted, whereby the
external host 200 can recognize that data has been written
into the transmit register 124. Whether or not the data
in the transmit register 124 has already been read can be
determined by read-clearing of the data in the transmit
register 124.

Thus, the information needed for communication of
termination and the like of data reception/transmission is
exchanged via the registers as described above, whereby
the need to analyze data in the FIFOs is eliminated, which
contributes to reduction of load on the internal CPU 110.
That is, the external host 200 or the internal CPU 100 is
required to send each other information of contents to be
communicated, depending on the state of communication. At
this time, the data transmitting side can select a
register using the address signal (EX_A or AO) and write
the data in the register, whereby communication control
information can be sent to the data receiving side without
using the FIFOs. Therefore, the internal CPU 110 only
needs to recognize data from the register as communication
control information, and there is no need to analyze data
from the FIFO to find whether the data is communication
control information or actual data. As a result, load on
the internal CPU 110 is reduced, which promises improved
performance.

Further, it is possible to exchange any information
via the registers during data transmission/reception.
That is, differently from the conventional external
connection interface having a configuration in which
information can be exchanged only after the data is read
since communication control information is stored as data
in a FIFO, in the first embodiment, an interruption to the
internal CPU 110 occurs when communication control
information is stored in a register, which enables the
communication control information to be passed to the
internal CPU 110 without delay. This makes it possible to
perform fast exchange of information between the external
host 200 and the internal CPU 110 even during data
transmission/reception.

Since the registers provided separately from the
FIFOs, as described above, are used for
transmission/reception of communication control
information, it is possible to pass other information
without degrading the efficiency of transfer of
communication data. Therefore, the effects of the present
embodiment are more advantageous particularly when data is
transmitted as streaming data e.g. on a network. For
example, the present embodiment makes it possible to
exchange communication control information while
distributing data stream of a moving image sequence,
without degrading the efficiency of transfer of the
stream.

Further, since the data end information is stored in
a register, it is possible to determine the end of data
transmission/reception without reading data in a FIFO.
Consequently, in the case of a FIFO using a single-port
RAM, for example, it is possible to determine that writing
of data in the FIFO should be stopped and reading of data
therefrom should be allowed, even when the FIFO has not
become full of data. More specifically, according to the
conventional art, in a FIFO using a single-port RAM, an
interrupt signal or a transmit or receive data-related
request signal is not asserted until the FIFO becomes full
of data. For this reason, the data receiving side cannot
start reading until the FIFO becomes full of data. In
contrast, according to the first embodiment, even when
data transmission has been completed and the FIFO is not
full, the data end information is written into the
register, whereby the internal CPU 110 is notified that
the final data has been stored. As a result, even when
the FIFO is not full of data, reading from the FIFO can be
started.
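
The host transmission procedure of steps S41 to S43 and the single-port-RAM behaviour described above, as an added Python behavioural model that is not code from the patent. The addresses, the FIFO depth, the `DATA_END` encoding and all class and function names are assumptions; the `in_band_end` switch models the conventional arrangement in which the end marker travels through the FIFO.

```python
from collections import deque

# All names, addresses and encodings below are assumptions for this model.
ADDR_RX_FIFO = 0x0   # stands for the address of receive FIFO 121a
ADDR_RX_REG = 0x4    # stands for the address of receive register 123
DATA_END = 0x1       # assumed encoding of the data end information


class ExternalConnectionInterface:
    """Receive side: one single-port-RAM FIFO plus the receive register."""

    def __init__(self, depth=8):
        self.depth = depth
        self.fifo = deque()
        self.rx_reg = None
        self.interrupt = False       # INT toward the internal CPU

    @property
    def rx_drqx(self):
        """Receive data-related request: asserted while the FIFO has room."""
        return len(self.fifo) < self.depth

    def host_write(self, addr, value):
        if not self.rx_drqx:
            raise RuntimeError("host wrote while RX_DRQX was negated")
        if addr == ADDR_RX_REG:
            self.rx_reg = value
            self.interrupt = True    # a register write interrupts at once
        elif addr == ADDR_RX_FIFO:
            self.fifo.append(value)
            if len(self.fifo) == self.depth:
                self.interrupt = True    # the FIFO alone interrupts only when full
        else:
            raise ValueError(f"unmapped address {addr:#x}")

    def cpu_service(self):
        """Internal CPU side: act only on INT, drain FIFO, read-clear register."""
        if not self.interrupt:
            return [], None
        words = list(self.fifo)
        self.fifo.clear()
        control, self.rx_reg = self.rx_reg, None
        self.interrupt = False
        return words, control


def host_transmit(iface, payload, in_band_end=False):
    """Steps S41 to S43. Returns the (words, control) batches the CPU saw."""
    end_addr = ADDR_RX_FIFO if in_band_end else ADDR_RX_REG
    items = [(ADDR_RX_FIFO, w) for w in payload] + [(end_addr, DATA_END)]
    batches = []
    for addr, value in items:            # S42: address chosen by data contents
        while not iface.rx_drqx:         # S41: wait until RX_DRQX is asserted
            batches.append(iface.cpu_service())
        iface.host_write(addr, value)    # S43: write to the selected address
    batches.append(iface.cpu_service())  # CPU reacts to whatever INT is pending
    return batches
```

With a five-word payload and a depth of eight, the register path hands all five words to the internal CPU together with the data end information, while the in-band path leaves six words in the FIFO with no interrupt pending.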

It should be noted that the transmit register 124
can be also used as a free register. For example, it is
possible to use the transmit register 124 to send free
data, such as data of the number of bytes writable in the
receive FIFO 121a or 121b, to the external host 200. This
widens the use of the external connection interface 120 as
well as enables smooth data communication.

Similarly, the receive register 123 can be used as a
free register. For example, the external host 200 can use
the receive register 124 to send free data, such as data
of a size of transmit data. This widens the use of the
external connection interface 120 as well as enables
smooth data communication.

As described above, in the first embodiment, since
communication data is transferred via buffers, and
communication control information is transferred via
registers, it is possible to pass the communication
control information without analyzing the contents of the
communication data, which makes it possible to achieve
efficient transmission/reception of communication data.

[Second Embodiment]

Next, a second embodiment of the present invention
will be described. The second embodiment is provided for
enhancing efficiency in data communication by a data
security device for ensuring secure communication.

First, a description will be given of necessity of
improving efficiency in data communication by a data
security device for ensuring secure communication and
difficulty in doing so.

The widespread use of the Internet has enabled
various data communications via the Internet. Data
communicated via the Internet includes personal
information and company secrets. These kinds of important
data are encrypted, for example, to be protected from
illegal data acquisition by a third party.

In cryptographic processing (encryption and
decryption processing), a more complicated encryption
algorithm is required to make decryption by a third party
more difficult. For this reason, in a system executing
cryptographic processing and authentication processing by
software, processing load applied to a CPU has become
excessively large. As a result, the cryptographic
processing and the authentication processing seriously
affect processing power of the whole system.

Particularly, IPv6 (Internet Protocol version 6) as
a next generation Internet protocol defines IPsec as an
essential function, which was defined in IPv4 (Internet
Protocol version 4) as an optional function. IPsec is a
protocol formed by adding a security function to TCP/IP
(Transmission Control Protocol/Internet Protocol). The
use of IPsec makes it possible to ensure security of
communication over a LAN (Local Area Network), a private
or public WAN (Wide Area Network), or the Internet.

IPsec can be roughly divided into three protocols,
i.e. IKE (Internet Key Exchange), ESP (Encapsulating
Security Payload) and AH (Authentication Header), to all
of which is applied cryptographic processing.

Encrypted communication by IPsec is started by
establishing a SA (Security Association) including key
exchange. IPsec defines "IKE" as a key exchange protocol
which makes it possible to automatically negotiate and
establish SAs. It should be noted that there exist some
other key exchange protocols, but in IPsec, IKE is the
standard, which is created based on a key exchange
protocol called "ISAKMP/Oakley".

If the contents of communication data leak to a
third party at the stage of the key exchange, encrypted
communication performed by using IPsec after the key
exchange counts for nothing. Further, since encryption by
IPsec takes effect only after completion of key exchange,
IPsec cannot be used for IKE. Therefore, IKE supports
encrypted communication by itself.

For the encrypted communication by IKE itself,
another key exchange procedure for IKE is determined, and
hence IKE is comprised of two phases as a whole. First,
in a phase 1, an encryption algorithm to be used in a
phase 2 is determined, and at the same time an encryption
key is generated. After sharing of the encryption keys,
the process proceeds to the phase 2 using the encryption
keys, whereby encrypted communication limited to IKE is
enabled. Subsequently, negotiation is started for
encrypted communication by IPsec.

In the negotiation for the encrypted communication,
various pieces of information concerning determination of
encryption algorithms, exchange of encryption keys, and so
forth, which are required for communication by IPsec, are
sequentially exchanged, whereafter encrypted communication
of data is enabled.

After negotiation of the "ESP" protocol for use in
data transfer is completed, communication by encrypted
packets is started between the parties concerned. In
IPsec, data is encrypted on a packet-by-packet basis, and
transmitted in a state packed in a container called "ESP".
In IPsec, there are provided two methods called "the
transport mode" and "the tunnel mode", selectively used
depending on a portion of data to be encrypted.

In the transport mode, only a data portion to be
sent in an IP packet is encrypted, and an IP header
designating an address and the like is added to the data
portion, whereafter the IP packet is transmitted. On the
other hand, in the tunnel mode, an IP header once received
from another host and a data portion are collectively
encrypted, and then a new IP header is added to the
encrypted data, whereafter the IP packet is transmitted.

Further, as a technique for preventing tampering of
communication data, authentication processing is employed.
In the authentication processing, authentication data is
generated so as to authenticate the contents of
communication data.

The authentication data is responsible for
"assurance of integrity" and "authentication". The
authentication data contains data called "MAC (Message
Authentication Code)". MAC is obtained by performing
computation on a combination of the contents of
communication data and a password using a computing method
called a hash function. The hash function makes it
possible to generate a fixed-length data unit of several
tens of bits to several hundreds of bits from a data unit
of any size. The operation using the hash function is
similar to cryptographic processing, and in many cases,
the cryptographic processing includes authentication
processing using the hash function, as a function thereof.

DES-CBC, 3DES-CBC, MD5, SHA1, HMAC-MD5 and HMAC-SHA1
are typical algorithms used in the cryptographic
processing or authentication processing.

On a transmitting side, the combination of the data
and the password is processed by a message digest
algorithm, and then the processed data is added to a
packet, as authentication data within ESP. When the data
reaches a receiving side without error, the receiving side
performs computation on a combination of the received data
and a password stored on its own side, by the same message
digest algorithm as used by the transmitting side. Then,
an obtained result and the received data are compared, and
when no difference is found between the two, it is proved
that the data has arrived without being tampered with on
the way.

The "AH" protocol is designed for "assurance of
integrity" and "authentication". In the AH, encryption of
data is not performed, but only an SPI, a sequence number,
and authentication data are packed and added to a
conventional IP packet. Although the ESP alone can
perform the authentication function, the AH is defined for
ensuring at least "assurance of integrity" and
"authentication" in case of the encrypted communication
being unavailable. The well-known data authentication
methods include SHA1 (Secure Hash Algorithm 1) as a hash
function algorithm (Bruce Schneier, "Applied Cryptography
(Second Edition)", 1996, John Wiley & Sons, Inc., pp. 265-278,
pp. 429-459).

Presently, IPsec is mainly used as a protocol for a
"VPN (Virtual Private Network)" utilizing the Internet.
The VPN is a network that interconnects a home office and
branches of the company or LANs via the Internet, which
has been conventionally realized using a private line. On
the Internet, however, contents of communication are
exposed to an indefinite number of Internet users.
Therefore, a method of protecting transmit data is
necessitated. To solve this problem, IPsec is used for
the VPN. The use of IPsec makes it possible to ensure
communication security, as in a case where a private line
is used, at a far more inexpensive communication charge
than when the private line is used.

Many of currently leading IPsec-based products are
provided for use in VPNs. The products are in the form of
private or dedicated encryption devices, or in the form of
functions added to routers and firewall products. By
installing such products at entrances of access lines
connected to the Internet at respective bases, and thereby
making use of IPsec in the tunnel mode, it is possible
to encrypt all communications between the bases. Further,
recent commercial OSs (Operating Systems) have come to
support IPsec as standard, so that encrypted
communications between SOHOs (Small Offices/Home Offices)
and between a home and an office are becoming available.
As the Internet gains a significant foothold as an
infrastructure in the future, security techniques become
indispensable to users whether the users are individuals
or companies. For this reason, IPsec is a very promising
technique.

Software processing by a CPU is well-known as a
general method for executing cryptographic processing or
overall processing by hash functions, or forming a HMAC
(Keyed-Hashing for Message Authentication Code) message
authentication function by using a particular hash
function. In this method, since the cryptographic
processing frequently uses product-sum operation, bit
inversion, exclusive OR operation, and bit shift, heavy
operational load is placed on the CPU, and hence, when the
CPU is low in performance, processing takes so long a time
that it is difficult to ensure even normal protocol
processing. On the other hand, although a CPU high in
performance is capable of performing processing at a
sufficiently high speed, such a CPU is also high in price
and consumes much power. Further, it is difficult for a
system using a high-performance CPU to perform stable
operation. Moreover, since a high-performance CPU is
expensive, it is impossible to use such a CPU in an
inexpensive product which can incorporate only a
low-performance CPU.

The speed of cryptographic processing by software
completely depends on the CPU occupation rate and
processing power of a CPU. For this reason, besides being
low in speed of the cryptographic processing, if the
cryptographic processing is combined with other
processing, processing speed is further reduced, and
difficulty in processing is increased. For example, when
IPsec processing is executed with a low-performance CPU,
processing takes so long a time that it is difficult to
ensure even normal protocol processing. Although a
high-performance CPU is capable of performing processing at a
sufficiently high speed, such a CPU is high in price and
consumes much power, and it is difficult for a system
using such a CPU to perform stable operation. Therefore,
in introducing IPsec into products having a CPU that does
not have a particularly high performance, it has been
difficult to realize products with built-in IPsec
functions such that they have a practical performance and
a reasonable price.

In the prior art, cryptographic processing takes a
long time as described above, and hence streaming
processing cannot be performed at a speed comfortable to
users. Processing of large data, such as cryptographic
processing and authentication processing executed in IPsec
key exchange, and encryption and authentication of IP
packets, takes an enormous amount of time.

Further, it is possible to use an LSI (Large Scale
Integration) chip specifically for cryptographic
processing so as to speed up the processing. Similarly to
the cryptographic processing, hash function processing is
realized by a circuit (see e.g. Japanese Unexamined Patent
Publication (Kokai) No. H11-500241 and No. 2001-175605).
Further, there has been proposed a stream encryption
device for use in IPsec processing e.g. in Japanese
Unexamined Patent Publication (Kokai) No. 2003-32244.

By incorporating such dedicated circuits into a
system, it is possible to obtain improvements in
performance, costs, and power consumption, compared with
the processing using software. Further, the memory is not
excessively used for memory copying e.g. in software
operation.

However, in the prior art, data input/output to and
from a dedicated circuit are performed via a CPU. More
specifically, the CPU has to write/read in and from
registers within the dedicated circuit in timing
corresponding to the number of blocks to be processed.
Therefore, the burden of the register read/write is placed
on the CPU, and an increase in the amount of processing
causes degradation of performance of the CPU in this
respect.

Further, the conventional circuit uses a control
register, which when register write of data to be
encrypted/decrypted is completed, turns on a cryptographic
operation start bit to start the cryptographic processing.
Therefore, this circuit is not suitable for streaming
processing.

Since the amount of processing executed via the CPU
is enormous as described above, the speed of the
cryptographic processing completely depends on the CPU
occupation rate and processing power of the CPU. For this
reason, the capability of the dedicated circuit cannot be
fully utilized. In addition, it is expected that when the
cryptographic processing is combined with other
processing, processing speed is further reduced, and
difficulty in processing is increased.

To overcome the above problems, it is necessary to
realize a dedicated circuit and a system which can be
manufactured at reasonable costs and can achieve
comfortable communication speed.

Hereafter, the second embodiment of the present
invention will be described with reference to drawings.

First, the outline of the invention applied to the
second embodiment will be described, and then a
description will be given of details of the second
embodiment.

FIG. 14 is a conceptual diagram of the invention
applied to the second embodiment. The data security
device 8 is comprised of a CPU (Central Processing Unit)
8a, a data acquisition circuit 8b, a cryptographic
processing circuit 8c, an authentication processing
circuit 8d, a data input/output control circuit 8e, and a
data output circuit 8f. The CPU 8a, the data acquisition
circuit 8b, the data input/output control circuit 8e, and
the data output circuit 8f are interconnected via a first
bus 8g. The cryptographic processing circuit 8c and the
data input/output control circuit 8e are connected by a
second bus 8h. The authentication processing circuit 8d
and the data input/output control circuit 8e are connected
by a third bus 8i.

The CPU 8a controls the overall operation of the
data security device 8. The data acquisition circuit 8b
acquires object data 9a to be processed. This circuit 8b
receives data inputted via a network, for example. When
having received authentication data from the
authentication processing circuit 8d, the CPU 8a carries
out processing for authentication of the object data 9a to
be processed and addition of the authentication data to
the processed data 9b.

The cryptographic processing circuit 8c executes
cryptographic processing on inputted data. The
cryptographic processing is encryption or decryption
processing. For example, data to be transmitted via a
wide area network, such as the Internet, is subjected to
the encryption processing. On the other hand, when
encrypted data is received, the decryption processing is
carried out.

The authentication processing circuit 8d executes
authentication processing on data. The authentication
processing is for generating authentication data, such as
a hash value generated based on a hash function. The
generated authentication data is passed to the CPU 8a, for
example.

The data input/output control circuit 8e controls
input/output of data to and from the cryptographic
processing circuit 8c and the authentication processing
circuit 8d. More specifically, the data input/output
control circuit 8e acquires the object data 9a from the
data acquisition circuit 8b via the first bus 8g and
stores the same in an internal memory. When the
cryptographic processing is required, the data
input/output control circuit 8e inputs the object data 9a
to the cryptographic processing circuit 8c via the second
bus 8h. Then, the data input/output control circuit 8e
acquires the processed data 9b subjected to the
cryptographic processing, from the cryptographic
processing circuit 8c via the second bus 8h. On the other
hand, when the authentication processing is required, the
data input/output control circuit 8e inputs the object
data 9a to the authentication processing circuit 8d via
the third bus 8i. The data input/output control circuit
8e passes the processed data 9b to the data output circuit
8f.

It should be noted that by incorporating a DMA
(Direct Memory Access) controller in the data input/output
control circuit 8e, transfer of data via the first bus 8g
can be performed by DMA.

The data output circuit 8f outputs the received
processed data 9b. When the processed data 9b is
encrypted data, authentication data, such as a hash value,
is added to the processed data 9b according to control
e.g. by the CPU 8a.

The data security device 8 configured as above
carries out processes described below. It should be noted
that the processes executed by the data security device 8
include a process for enhancing security by encrypting
plaintext data and outputting the encrypted data and
processing of converting encrypted data by decryption into
a data format that can be viewed and then outputting the
decrypted data.

First, a description will be given of a case where
plaintext data is encrypted and then outputted. When
plaintext object data 9a to be processed is received by
the data acquisition circuit 8b, the data input/output
control circuit 8e acquires the object data 9a and stores
the same in the internal memory. Then, the object data 9a
stored in the internal memory is inputted to the
cryptographic processing circuit 8c by the data
input/output control circuit 8e. The object data 9a is
encrypted by the cryptographic processing circuit 8c and
then passed to the data input/output control circuit 8e.

The encrypted object data 9a is passed to the
authentication processing circuit 8d by the data
input/output control circuit 8e. The authentication
processing circuit 8d carries out authentication
processing. For example, authentication data, such as a
hash value, is generated. The processed data 9b is passed
to the data output circuit 8f by the data input/output
control circuit 8e. Then, the authentication data is
added to the processed data 9b by data processing and the
like executed by the CPU 8a, followed by being outputted
from the data output circuit 8f.

Next, a description will be given of a case where
encrypted data is decrypted and then outputted. When
encrypted object data 9a (assumed to have authentication
data added thereto) is received by the data acquisition
circuit 8b, the data input/output control circuit 8e
acquires the object data 9a and stores the same in the
internal memory. Then, the object data 9a stored in the
internal memory is inputted to the authentication
processing circuit 8d by the data input/output control
circuit 8e. The authentication processing circuit 8d
carries out authentication processing. For example,
authentication data, such as a hash value, is generated.
The generated authentication data is compared with the
authentication data added to the object data 9a. The
comparison is performed e.g. by the CPU 8a.

When the object data 9a is authenticated by the
comparison, the object data 9a stored in the internal
memory is passed to the cryptographic processing circuit
8c by the data input/output control circuit 8e. Then, the
object data 9a is decrypted by the cryptographic
processing circuit 8c, and passed to the data input/output
control circuit 8e. The processed data 9b converted into
plaintext data is passed to the data output circuit 8f by
the data input/output control circuit 8e, followed by
being outputted from the data output circuit 8f.

As described above, once object data to be subjected to
cryptographic processing or authentication processing has been
stored in the internal memory of the data input/output control
circuit 8e, the CPU 8a can input and output the data to and from
the cryptographic processing circuit 8c and the authentication
processing circuit 8d, respectively, via the second bus 8h and the
third bus 8i separate from the first bus 8g connected to the CPU
8a. As a result, the CPU 8a does not need to manage data
input/output to and from the cryptographic processing circuit 8c
and the authentication processing circuit 8d, which reduces
processing load applied to the CPU 8a.

In addition, since the DMA controller is incorporated in the data
input/output control circuit 8e, acquisition of object data 9a and
passing of processed data 9b, which are carried out via the first
bus 8g, can be performed under the control of the data
input/output control circuit 8e. For example, when object data 9a
is large in volume, the object data 9a can be stored in another
memory beforehand, and the data input/output control circuit 8e
can acquire the object data 9a from the memory by DMA transfer.
Further, the data input/output control circuit 8e can also use DMA
transfer so as to transfer processed data 9b to another memory. As
a consequence, processing load on the CPU 8a is further reduced.

By incorporating a communication interface having both the
functions of the data acquisition circuit 8b and the data output
circuit 8f in the data security device 8a, it is possible to
construct a data communication device equipped with the data
security function. This data communication device is capable of
achieving functions equivalent to those of a VPN device.
Hereafter, the data security device having the VPN function is
referred to as the security network controller.

If a security network controller is installed in an electronic
device or apparatus of any kind, the electronic device or
apparatus will be able to readily perform secure data
communication. For example, if a security network controller to
which is applied the present invention is installed in a camera
system (computer system equipped with a function of picking up a
digital image and a function of processing data of the picked-up
image), it is possible to distribute moving pictures on-line to
predetermined users (e.g. registered members) via the Internet.
Further, it is also possible to securely control a camera from a
remote site.

It should be noted that the utilization of IPsec functions ensures
secure communication with ordinary users other than predetermined
users. More specifically, when IPsec is used, it is possible to
authenticate the other party and exchange keys securely by
utilizing ISAKMP (Internet Security Association Key Management
Protocol). Therefore, if key exchange is carried out under the
ISAKMP protocol at the start, it is possible to perform secure
communication between any devices.

FIG. 15 shows an example of a system configuration according to
the second embodiment. As shown in FIG. 15, a camera system 30
having a security network controller installed therein is
connected to a terminal unit 32 via the Internet 31. The terminal
unit 32 is e.g. a computer having the VPN function. When the
terminal unit 32 is also equipped with a security network
controller, cryptographic communication via the Internet 31 is
facilitated.

FIG. 16 is a diagram showing the circuit configuration of the
camera system 30. The camera system 30 is comprised of the
security network controller 300, a main CPU 30a, peripheral
circuits 30b and 30c, and a camera mechanism section 30d. The
security network controller 300 is equipped with the VPN function
and capable of performing processing including encryption and
decryption by hardware.

It should be noted that the security network controller 300 can be
implemented by an LSI chip. By implementing the security network
controller 300 by the LSI chip, it is possible to incorporate the
security network controller 300 in an electronic device or
apparatus of any kind with ease.

Further, the security network controller 300 can be provided in a
single module (e.g. a card module, such as PCMCIA (Personal
Computer Memory Card International Association)). This makes it
possible to mount the security network controller 300 in the
camera system 30 or another device or apparatus via a
predetermined communication interface with ease.

The main CPU 30a controls the peripheral circuits 30b and 30c and
the camera mechanism section 30d to thereby control overall
operation of the camera system 30. The circuits 30b and 30c
represent a camera focus control circuit, an image data
compression circuit, and so forth. Further, the main CPU 30a
transfers a digital image photographed by the camera system 30 to
the security network controller 300.

The security network controller 300 is comprised of a CPU 301, a
memory controller 302, a memory 303, an external connection
interface 304, a communication interface 305, an IPsec control
circuit 310, a cryptographic processing circuit 320, and a hash
function processing circuit 330. These elements are interconnected
by an internal bus and the like.

The CPU 301 controls the entire security network controller 300.

The memory controller 302 controls input/output of data to and
from the memory 303. The memory 303 stores data. Although the
memory 303 appears in the security network controller 300 in FIG.
16, it can be connected to the security network controller 300
from the outside. In this case, the memory controller 302 is
provided with a connector for external connection, and the memory
303 is connected to the connector, whereby the memory 303 and the
security network controller 300 are connected to each other. The
memory 303 can be implemented by a semiconductor memory, such as a
SRAM (Static Random Access Memory) or a flash memory. The memory
controller 302 writes received data into the memory 303 or reads
data from the same. The memory 303 is also used for accumulation
of object data to be processed or as a work memory during
computation.

The external connection interface 304 is connected to the main CPU
30a, for relay of communication data between the main CPU 30a and
the CPU 301. The external connection interface 304 is basically
comprised of a register and data, and performs bidirectional data
communication.

The external connection interface 304 is configured similarly to
the external connection interface 120 (appearing in FIGS. 2, 3)
according to the first embodiment. Therefore, data communication
between the main CPU 30a and the security network controller 300
can be performed efficiently by the external connection interface
304.

The communication interface 305 is connected to the Internet 31,
for relay of communication data via the Internet 31. The
communication interface 305, which is also referred to as a MAC
(Media Access Control), has a function of realizing connection to
a network, via a physical layer, such as an Ethernet (registered
trademark).

The IPsec control circuit 310 controls input/output of data to and
from the cryptographic processing circuit 320 and the hash
function processing circuit 330. The cryptographic processing
circuit 320 performs data encryption or decryption processing. The
hash function processing circuit 330 generates a hash value based
on communicated data.

With the system configuration described above, the main CPU 30a
controls the camera to be controlled. In this control operation,
the main CPU 30a performs communication securely via the Internet
31 to thereby execute control of the camera in response to an
instruction from a remote site or distribute images picked up by
the camera, via the Internet 31. IPsec is used for the secure
communication. It should be noted that the security network
controller 300 can be installed not only in cameras, but also in
electrical appliances, home appliances, AV apparatuses, etc., to
control the devices and apparatuses.

The communication interface 305 or the IPsec control circuit 310
has a function of reducing load on the CPU 301 in the IPsec
processing. This function realizes the packet-by-packet encryption
and authentication processing in place of the CPU 301.

For example, for data transmission, processes described below are
executed.

Data to be distributed from the main CPU 30a onto the Internet 31
is transferred to the memory 303 via the external connection
interface 304. Then, when an instruction for DMA transfer of data
to be encrypted is issued from the CPU 301 to the IPsec control
circuit 310, the IPsec control circuit 310 acquires the data to be
encrypted by DMA transfer, and passes the same to the
cryptographic processing circuit 320. The cryptographic processing
circuit 320 executes encryption processing according to the IPsec
protocol. The encrypted data is DMA transferred to the memory 303
by the IPsec control circuit 310. In succession, an instruction
for DMA transfer of data for authentication is issued from the CPU
301 to the IPsec control circuit 310. In response to the
instruction, the IPsec control circuit 310 acquires the data for
authentication by DMA transfer, and passes the same to the hash
function processing circuit 330. The hash function processing
circuit 330 generates a hash value according to the IPsec
protocol. Then, the CPU 301 generates a packet containing the
encrypted data and the generated hash value, and transmits the
same onto the Internet 31 via the communication interface 305.

When the procedure described above is followed in distribution of
images, it is possible to distribute video stream reproducible
only by predetermined terminal units (e.g. terminal units of users
registered as members).

On the other hand, when control data is sent to the main CPU 30a
by a packet subjected to IPsec processing via the Internet,
processes described below are executed.

The communication interface 305 receives the transmitted packet.
The packet is written into the memory 303 under the control of the
CPU 301. Then, when an instruction for DMA transfer of
authentication data within the packet is issued from the CPU 301
to the IPsec control circuit 310, the IPsec control circuit 310
acquires the authentication data by DMA transfer, and passes the
same to the hash function processing circuit 330. The hash
function processing circuit 330 generates a hash value according
to the IPsec protocol. The CPU 301 authenticates the received data
based on the hash value.

When the data is authenticated based on the generated hash value,
an instruction for DMA transfer of encrypted data within the
packet is issued from the CPU 301 to the IPsec control circuit
310. In response to the instruction, the IPsec control circuit 310
acquires the encrypted data by DMA transfer, and passes the same
to the cryptographic processing circuit 320. The cryptographic
processing circuit 320 executes decryption processing according to
the IPsec protocol. The decrypted plaintext data is DMA
transferred to the memory 303 by the IPsec control circuit 310.
Thereafter, the decrypted data is sent to the main CPU 30a via the
external connection interface 304 and processed by the main CPU
30a.

When the procedure described above is followed in passing camera
control instructions and the like to the main CPU 30a, it is
possible to control the camera securely from a remote site.

The procedures of operations executed in processes for data
transmission and reception will be described below with reference
to FIG. 17.

FIG. 17 is a flowchart of the procedure of operations executed in
a process for data transmission. Now, the process shown in FIG. 17
will be described in the order of step numbers.

[Step S51] The main CPU 30a executes an application e.g. for video
image acquisition and generates data, whereafter the generated
data is passed to the security network controller 300.

[Step S52] The data is stored in the memory 303 under the control
of the CPU 301.

[Step S53] The CPU 301 performs encapsulation. Encapsulation means
to encapsulate data in a header or a trailer.

[Step S54] The data is passed to the cryptographic processing
circuit 320 by the IPsec control circuit 310. Then, the
cryptographic processing circuit 320 encrypts the data. The
encrypted data is returned to the memory 303 by the IPsec control
circuit 310.

[Step S55] The encrypted data is passed to the hash function
processing circuit 330 by the IPsec control circuit 310. Then, the
hash function processing circuit 330 generates a hash value. The
generated hash value is passed to the CPU 301.

[Step S56] The CPU 301 generates a frame for transmission.

[Step S57] The CPU 301 writes the frame in an output buffer (of
the communication interface 305).

[Step S58] The communication interface 305 transmits the frame
onto the Internet 31.

In the following, data flow in distribution of moving image data
will be described with reference to FIGS. 18 to 25.

FIG. 18 is a diagram showing a first step in the data
distribution. First, data 41 of an image picked up by the camera
system 30 is inputted from the main CPU 30a to the security
network controller 300. The data 41 is received by the external
connection interface 304 and transferred to the memory controller
302. Then, the data 41 is written into the memory 303 by the
memory controller 302.

FIG. 19 is a diagram showing a second step in the data
distribution. The IPsec control circuit 310 acquires the data 41
from the memory 303 by DMA transfer.

FIG. 20 is a diagram showing a third step in the data
distribution. The IPsec control circuit 310 passes the acquired
data 41 to the cryptographic processing circuit 320. The
cryptographic processing circuit 320 encrypts the data 41. Then,
the cryptographic processing circuit 320 passes the encrypted data
42 to the IPsec control circuit 310. In the meantime, the main bus
is kept open, so that the IPsec control circuit 310 can receive
following data 43 from the main CPU 30a and transfer the same to
the memory 303.

FIG. 21 is a diagram showing a fourth step in the data
distribution. The IPsec control circuit 310 passes the encrypted
data 42 to the memory controller 302 by DMA transfer. The memory
controller 302 stores the received data 42 in the memory 303.

FIG. 22 is a diagram showing a fifth step in the 
data distribution. The IPsec control circuit 310 acquires 
the encrypted data 42 from the memory 303 by DMA transfer. 

FIG. 23 is a diagram showing a sixth step in the data
distribution. The IPsec control circuit 310 passes the encrypted
data 42 to the hash function processing circuit 330. The hash
function processing circuit 330 applies the hash function to the
data 42 to generate a hash value. In the meantime, the main bus is
kept open, so that the IPsec control circuit 310 can receive
following data 44 from the main CPU 30a and transfer the same to
the memory 303.

FIG. 24 is a diagram showing a seventh step in data distribution.
The hash function processing circuit 330 passes the generated hash
value 45 to the CPU 301. The CPU 301 adds the hash value 45 to the
encrypted data 42 stored in the memory 303.

FIG. 25 is a diagram showing an eighth step in the data
distribution. The CPU 301 generates a packet 46 for transmission
from the encrypted data 42 and the hash value 45 stored in the
memory 303 and distributes the packet, via the communication
interface 305, to the terminal unit 32 connected to the Internet
31.

The passing of data between the memory 303 and the IPsec control
circuit 310 is performed by the DMA function of the IPsec control
circuit 310 as described above, so that load on the CPU 301 is
small. Further, the IPsec control circuit 310 and the
cryptographic processing circuit 320 are connected by a dedicated
bus, and the passing of data therebetween for cryptographic
processing is performed via the dedicated bus, so that the main
bus can be used for transfer of other data during the passing of
data for cryptographic processing. Similarly, the IPsec control
circuit 310 and the hash function processing circuit 330 are
connected by a dedicated bus, and the passing of data therebetween
for hash processing is performed via the dedicated bus, so that
the main bus can be used for transfer of other data during the
passing of data for hash processing. This improves processing
efficiency.

FIG. 26 is a flowchart showing the procedure of operations
executed in a process for data reception. Now, the process shown
in FIG. 26 will be described in the order of step numbers.

[Step S61] The communication interface 305 receives a frame sent
via the Internet 31.

[Step S62] A packet contained in the received frame is stored in
an input buffer within the communication interface 305.

[Step S63] The CPU 301 performs header processing of the packet.

[Step S64] The data is passed to the cryptographic processing
circuit 320 by the IPsec control circuit 310. Then, the
authentication processing is executed by the hash function
processing circuit 330 for generating a hash value. The CPU 301
performs authentication of the data by comparing the hash value
generated by the hash function processing circuit 330 and a hash
value added to the received data.

[Step S65] When the data is authenticated, the IPsec control
circuit 310 passes the data to the cryptographic processing
circuit 320. Then, the cryptographic processing circuit 320
performs decryption processing.

[Step S66] The CPU 301 analyzes the encapsulated data (i.e.
removes a header and a trailer).

[Step S67] The CPU 301 stores the data in the memory 303.

[Step S68] The CPU 301 passes the data to the main CPU 30a via the
external connection interface 304. The main CPU 30a processes the
data according to an application program.

It should be noted that the data flow in the data 
reception is reverse to that in the data distribution, 
i.e. data transmission, described with reference to FIGS. 
18 to 25. 

As described above, also in the data reception, the IPsec control
circuit 310 performs the input/output of data to and from the
cryptographic processing circuit 320 and the hash function
processing circuit 330. Further, the passing of data between the
IPsec control circuit 310 and the other circuits is executed by
DMA transfer.
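
The transmission steps S53 to S56 and the reception steps S63 to S66, sketched in software as an added example (not code from the patent): the hash value is computed over the encrypted data and is checked before any decryption takes place. The 16-round Feistel function is a stand-in for the DES circuit and is not secure; HMAC-SHA-1, the CBC mode, the padding and the packet layout are assumptions, since the page names none of them.

```python
import hashlib
import hmac
import struct

BLOCK = 8                      # 64-bit blocks, as in the cryptographic processing circuit 320
ROUNDS = 16                    # 16-round process, as described for circuit 320
ICV_LEN = 20                   # HMAC-SHA-1 length (assumed; the page names no hash function)
HEADER = struct.Struct("!II")  # constructed header: SPI and sequence number


class AuthenticationError(Exception):
    """The packet failed the hash check; nothing was decrypted."""


def _f(half, key, rnd):
    # Round function of the stand-in cipher (NOT DES, not secure).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _block(block, key, decrypt=False):
    # One 64-bit block through a 16-round Feistel network; decryption
    # runs the same rounds in reverse order.
    left, right = block[:4], block[4:]
    order = range(ROUNDS - 1, -1, -1) if decrypt else range(ROUNDS)
    for rnd in order:
        left, right = right, _xor(left, _f(right, key, rnd))
    return right + left


def cbc_encrypt(data, key, iv):
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        prev = _block(_xor(data[i:i + BLOCK], prev), key)
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(data, key, iv):
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        cur = data[i:i + BLOCK]
        out.append(_xor(_block(cur, key, decrypt=True), prev))
        prev = cur
    return b"".join(out)


def protect(payload, enc_key, auth_key, spi, seq, iv):
    """Transmit side: encapsulate, encrypt, hash the encrypted data, build the packet."""
    pad = BLOCK - len(payload) % BLOCK            # 1 to 8 padding bytes (assumed scheme)
    padded = payload + bytes([pad]) * pad
    body = HEADER.pack(spi, seq) + iv + cbc_encrypt(padded, enc_key, iv)
    icv = hmac.new(auth_key, body, hashlib.sha1).digest()
    return body + icv


def unprotect(packet, enc_key, auth_key):
    """Receive side: authenticate first, decrypt only when the hash values match."""
    inner = len(packet) - HEADER.size - ICV_LEN   # IV plus ciphertext
    if inner < 2 * BLOCK or inner % BLOCK:
        raise AuthenticationError("malformed packet")
    body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
    expected = hmac.new(auth_key, body, hashlib.sha1).digest()
    if not hmac.compare_digest(expected, icv):    # constant-time comparison
        raise AuthenticationError("hash value mismatch")
    spi, seq = HEADER.unpack_from(body)
    iv = body[HEADER.size:HEADER.size + BLOCK]
    padded = cbc_decrypt(body[HEADER.size + BLOCK:], enc_key, iv)
    pad = padded[-1]
    if not 1 <= pad <= BLOCK or padded[-pad:] != bytes([pad]) * pad:
        raise ValueError("bad padding in authenticated packet")
    return spi, seq, padded[:-pad]


if __name__ == "__main__":
    import os
    # Constructed sample keys and payload.
    pkt = protect(b"constructed camera command", b"k" * 8, b"a" * 20, 1, 1, os.urandom(BLOCK))
    print(unprotect(pkt, b"k" * 8, b"a" * 20))
```

A keyed hash is used here because a bare hash value appended to a packet can be recomputed by anyone who alters the packet.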

Next, the connection relationship between the IPsec control
circuit 310 and the peripheral circuits and the functions of the
circuits will be described in detail.

FIG. 27 is a diagram showing an example of the internal
configuration of the security network controller. The security
network controller 300 includes the CPU 301, a bus selector 307,
the cryptographic processing circuit 320, a data-in selector 306,
the IPsec control circuit 310, the hash function processing
circuit 330, the memory controller 302, and the memory 303.

The CPU 301 is connected to the bus selector 307 via a bus 381.
The CPU 301 exchanges information with the other component
elements via the bus selector 307 to thereby control the overall
operation of the security network controller 300. Further, the CPU
301 receives external interrupt signals 390 from the cryptographic
processing circuit 320, the IPsec control circuit 310, and the
hash function processing circuit 330. Furthermore, the CPU 301
receives an external bus opening request acceptance signal 391
from the IPsec control circuit 310. An external bus opening
request signal 392 is inputted from the CPU 301 to the IPsec
control circuit 310 and the bus selector 307.

The bus selector 307 is connected to the cryptographic processing
circuit 320, the IPsec control circuit 310, the hash function
processing circuit 330, and the memory controller 302, via a bus
382. Further, the bus selector 307 is connected to the IPsec
control circuit 310 via a dedicated bus 383. The bus selector 307
transmits data from the CPU 301 to each component connected to the
bus 382 and transfers data from each component to the CPU 301,
under the control of the CPU 301.

More specifically, the bus selector 307 selects a control signal
or the like outputted from one of the CPU 301 and the IPsec
control circuit 310, which is a bus master at the time, and
outputs the same to another circuit. The outputted control signal
or the like includes e.g. an address, a control signal, and write
data, which are to be sent to another circuit.

The cryptographic processing circuit 320 is a circuit that
encrypts and decrypts data. In the second embodiment, the
encryption/decryption is performed by DES (Data Encryption
Standard). The cryptographic processing circuit 320 is connected
to the IPsec control circuit 310 via a dedicated bus 384. The
cryptographic processing circuit 320 is connected to the data-in
selector 306 via a dedicated bus 385. The cryptographic processing
circuit 320 acquires data to be encrypted or decrypted from the
IPsec control circuit 310 via the bus 384. Then, the cryptographic
processing circuit 320 encrypts or decrypts the acquired data and
passes the same to the IPsec control circuit 310.

In the second embodiment, the cryptographic processing circuit 320
performs 64-bit block cryptographic processing. In the
cryptographic processing circuit 320, when 64-bit data is written
therein, a start bit in an internal state machine is automatically
turned on. Thus, encryption or decryption processing can be
started immediately after writing of the data to be processed.

Further, the encryption or decryption processing performed by the
cryptographic processing circuit 320 is a 16-round process.
Therefore, the end signal of the internal state machine is turned
on when an internal counter has counted 16. This end signal is
outputted to the IPsec control circuit 310.

The cryptographic processing circuit 320 may be configured such
that it performs encryption or decryption processing without
operation of the IPsec control circuit 310. In this case, the
cryptographic processing circuit 320 outputs the external
interrupt signal 390 to the CPU 301, instead of turning on the end
signal.

In addition to the connection relation described above, the
data-in selector 306 is connected to the IPsec control circuit
310. The data-in selector 306 is also connected to the hash
function processing circuit 330 via a bus 387. Further, the
data-in selector 306 is connected to the CPU 301, the memory
controller 302, and the IPsec control circuit 310, via a bus 388.
The data-in selector 306 selects one of signals inputted from the
cryptographic processing circuit 320, the IPsec control circuit
310, and the hash function processing circuit 330, via the
respective busses 385, 386, and 387, and outputs the selected
signal to the CPU 301, the memory controller 302, and the IPsec
control circuit 310, via the bus 388.

As described above, the IPsec control circuit 310 is connected to
the cryptographic processing circuit 320 via the bus 384, and also
connected to the hash function processing circuit 330 via the bus
389. The IPsec control circuit 310 has a 256-byte internal RAM and
can store data to be encrypted/decrypted and data to be hashed.

Further, the IPsec control circuit 310 incorporates a bus arbiter
function performed by a DMAC (Direct Memory Access Controller),
and can perform bus arbitration with the CPU 301 to thereby become
a bus master. By becoming the bus master, the IPsec control
circuit 310 can set a transfer source address, a transfer
destination address, a transfer volume and a mode for DMA
transfer.

The IPsec control circuit 310 having become the bus master
basically performs operation for fetching data to be processed
from a transfer source and writing processed data in a transfer
destination. Then, after completion of data transfer, the IPsec
control circuit 310 returns the bus right to the CPU 301. As
described above, the IPsec control circuit 310 uses the function
provided by the DMAC to acquire data to be encrypted/decrypted or
data to be authenticated by the hash function, by the DMA function
from the memory 303.

When data to be encrypted/decrypted is acquired, the IPsec control
circuit 310 passes the data to the cryptographic processing
circuit 320. Then, the IPsec control circuit 310 receives the
encrypted or decrypted data, and transfers the same to the memory
303 by DMA processing. On the other hand, when data to be
authenticated is acquired, the IPsec control circuit 310 passes
the data to the hash function processing circuit 330. It should be
noted that the IPsec control circuit 310 performs data fetch
processing and data write processing, in parallel with
encryption/decryption processing by the cryptographic processing
circuit 320 and authentication processing by the hash function
processing circuit 330.

Further, the IPsec control circuit 310 has an internal register
that stores the length of data to be processed, and subtracts the
length of a processed portion from the length of data to be
processed after completion of each processing operation to manage
the remainder of the data to be processed. Then, when all the
processing operations have been completed, the IPsec control
circuit 310 outputs a processing end interrupt signal to the CPU
301.

The hash function processing circuit 330 is a circuit that
generates a hash value using the hash function. More specifically,
the hash function processing circuit 330 generates a hash value
based on the data received from the IPsec control circuit 310 and
passes the generated hash value to the CPU 301.

It should be noted that in the second embodiment, the hash
function processing circuit 330 performs 512-bit block processing.
Therefore, when 512-bit data is written, a start bit of an
internal state machine is turned on. With this, generation of a
hash value is started.

The hash function processing circuit 330 carries out an 80-round
process. Therefore, an end signal of the internal state machine is
turned on when the internal counter has counted 80. The end signal
turned on is outputted to the IPsec control circuit 310.

The hash function processing circuit 330 may be configured such
that it performs authentication processing without operation of
the IPsec control circuit 310. In this case, the hash function
processing circuit 330 outputs the external interrupt signal 390
to the CPU 301, instead of turning on the end signal.

The memory controller 302 performs writing or reading data into or
from the memory 303.

The memory 303 is connected to the memory controller 302. The
memory 303 is a readable and writable semiconductor recording
medium, such as an SRAM or a flash memory.

With the configuration described above, when the IPsec control
circuit 310 and the cryptographic processing circuit 320 are
combined for interrelated complex operation, processes described
below are executed.

First, the IPsec control circuit 310 outputs the external bus
opening request signal 392 to the CPU 301. Thereafter, the CPU 301
outputs the external bus opening request acceptance signal 391,
whereby the bus right is released to the IPsec control circuit
310. As a result, encryption or decryption processing is started
without operation of the CPU 301.

The IPsec control circuit 310 acquires data from the memory 303 by
DMA transfer. The acquired data is stored in a memory within the
IPsec control circuit 310. It should be noted that the memory
within the IPsec control circuit 310 has a double-sided structure.
One side of the memory stores unencrypted or undecrypted data, and
the other side stores encrypted or decrypted data.

In the second embodiment, the cryptographic processing circuit 320
performs DES processing. The DES processing is executed in units
of 64 bits. Therefore, when the IPsec control circuit 310 acquires
data from the memory 303, DMA transfer of data having a length of
an integral multiple of 64 bits is executed. In the second
embodiment, it is assumed that data of 64 bytes (for eight
operations of DES processing) is acquired at one time.

FIG. 28 is a diagram showing data stored in the 
internal RAM of the IPsec control circuit for DES 

20 processing. As shown in FIG. 28, the internal RAM 311 of 
the IPsec control circuit 310 has an A side 311a and a B 
side 311b. Each of the A side 311a and the B side 311b 
can store data (128 bytes) for sixteen operations of the 
DES processing. The A-side 311a is a storage area for 

25 storing data to be processed, and the B-side 311b is a 
storage area for storing processed data. 

The data for DES processing acquired from the memory 
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303 by DMA transfer is stored in the A side 311a. For 
example, 64-byte data is stored in an area "AO" on the A 
side 311a by DMA transfer. The 64-byte data stored in the 
area "AO" is passed first to the cryptographic processing 
5 circuit 320 and subjected to DES processing. 

While DES processing is being executed on the data
from the area "A0", following 64-byte data is stored in an
area "A1" by DMA transfer. When the DES-processed data is
outputted from the cryptographic processing circuit 320,
the data is stored in a 64-byte area "B0" on the B side
311b.

In succession, the data stored in the 64-byte area
"A1" on the A side 311a is passed to the cryptographic
processing circuit 320 and subjected to DES processing.
When the DES-processed data is outputted from the
cryptographic processing circuit 320, the data is stored
in a 64-byte area "B1" on the B side 311b.

When the processed data is stored in one of the
areas "B0" and "B1" on the B side 311b, the data in the
B-side 311b is DMA transferred to the memory 303 by the
IPsec control circuit 310.

When the IPsec control circuit 310 receives data, it
outputs the external bus opening request signal 392. When
the reception of the data has been completed, the IPsec
control circuit 310 returns the bus right to the CPU 301.
At the same time, the cryptographic processing circuit 320
and the IPsec control circuit 310 start processing using
the dedicated buses and dedicated control signals, without
operation of the CPU 301. For the IPsec control circuit
310 to execute the above processing, the internal RAM 311
has an increment structure as to the address for the
processing. The encrypted data is stored in the B side
311b of the 128-byte internal RAM 311 within the IPsec
control circuit 310. For the IPsec control circuit 310 to
execute this processing, the internal RAM 311 has an
increment structure as to the address for indication of
the storage destination. More specifically, an address
obtained by adding a predetermined value (corresponding to
64 bytes) to an address used in the immediately preceding
storage processing is designated.

Whenever the processing of 64-byte data is
completed, the IPsec control circuit 310 outputs the
external bus opening request signal 392 to the CPU 301.
After having acquired the bus right, the IPsec control
circuit 310 writes the result of the computation into the
memory 303. When the writing is completed, the bus right
is returned to the CPU 301.

It should be noted that even during computation by
the cryptographic processing circuit 320, the external bus
opening request signal 392 is outputted whenever the
processing of 64-byte data in the internal RAM 311 storing
data to be processed is completed. After the bus right is
released to the IPsec control circuit 310, data to be
encrypted is fetched from the memory 303. When the
fetching of the data to be encrypted is completed, the bus
right is returned to the CPU 301.

Similarly, even during computation by the
cryptographic processing circuit 320, the external bus
opening request signal 392 is outputted whenever 64-byte
data is stored in the B side 311b for storing computation
result data or processed data. After the bus right is
released to the IPsec control circuit 310, the result of
the computation is written into the memory 303. When the
writing is completed, the bus right is returned to the CPU
301.

On the other hand, when the IPsec control circuit
310 and the hash function processing circuit 330 are
combined for interrelated complex operation, the internal
RAM 311 is used as a 128-byte double-sided structure. In
this case, the two sides are both used for writing. A
hash value obtained as computation result data or
processed data is stored in a 160-bit hash value storage
register in the hash function processing circuit 330.
Then, when the computation is completed, the hash value is
passed from the hash value storage register to the CPU
301. In the second embodiment, SHA1 processing is
executed as hash processing.

FIG. 29 is a diagram showing the configuration of
the internal RAM of the IPsec control circuit when SHA1
processing is performed. As shown in FIG. 29, each of the
A-side 311a and the B-side 311b of the internal RAM 311 is
used as one area of 128 bytes.

The IPsec control circuit 310 fetches data to be
processed by the hash function from the memory 303 by DMA
transfer. In this case, after 128 bytes are continuously
written, the bus right is returned to the CPU 301. Then,
the IPsec control circuit 310 and the hash processing
circuit 330 start hash processing without operation of the
CPU 301.

The IPsec control circuit 310 immediately fetches
data for hash processing from the memory 303 when one side
of 128 bytes becomes empty during computation. In this
case, after 128 bytes are continuously written, the bus
right is returned. For the IPsec control circuit 310 to
execute the above processing, the internal RAM 311 has an
increment structure as to the address for the processing.

Read data from the IPsec control circuit 310, the
cryptographic processing circuit 320, or the hash function
processing circuit 330 is outputted to the CPU 301 or the
IPsec control circuit 310 via the data-in selector 306 or
outputted to the memory 303 via the memory controller 302.

Next, operations of the IPsec control circuit 310,
the cryptographic processing circuit 320, and the hash
function processing circuit 330 will be described in
detail.

FIG. 30 is a diagram showing the internal
configuration of the IPsec control circuit. As shown in
FIG. 30, the IPsec control circuit 310 is comprised of the
internal RAM 311, an internal RAM interface 312, a
register group 313, a slave bus interface 314, a master
bus interface 315, and a macro-interface 316.

The internal RAM 311 stores data to be processed and
processed data, as described with reference to FIGS. 26
and 27. The internal RAM interface 312 is an interface
that stores and reads data in and from the internal RAM
311. The register group 313 consists of a plurality of
general-purpose registers for storing control data and the
like. The slave bus interface 314 is an interface for
operation as a slave on the bus 382. The master bus
interface 315 is an interface for operation as a bus
master on the bus 382. DMA transfer via the bus 382 is
executed by the master bus interface 315. The
macro-interface 316 is an interface for communication with
the cryptographic processing circuit 320 and the hash
function processing circuit 330.

The IPsec control circuit 310 and the cryptographic
processing circuit 320 are connected by respective signal
lines for transmission of a write request signal
(DREQ_WR), a read request signal (DREQ_RD), a write strobe
signal (IP_WRX [0]), a read strobe signal (IP_RDX), an
address signal (IP_A), a read data signal (IP_RD [31:0]),
and a write data signal (IP_WD [31:0]). On the other
hand, the IPsec control circuit 310 and the hash function
processing circuit 330 are connected by the write data
signal (IP_WD [31:0]), a write strobe signal (IP_WRX [1]),
and a write request signal (DREQ_WR).

The write request signal (DREQ_WR) is a signal sent
from the cryptographic processing circuit 320 to the IPsec
control circuit 310 to request 32-bit data writing.

The read request signal (DREQ_RD) is a signal sent
from the cryptographic processing circuit 320 to the IPsec
control circuit 310 to request 32-bit data reading.

The write strobe signal (IP_WRX [0]) is a signal
sent from the IPsec control circuit 310 to the
cryptographic processing circuit 320 for notification of
data writing.

The read strobe signal (IP_RDX) is a signal sent
from the IPsec control circuit 310 to the cryptographic
processing circuit 320 for notification of reading data in
the cryptographic processing circuit 320.

The address signal (IP_A) is a signal sent from the
IPsec control circuit 310 to the cryptographic processing
circuit 320 for designation of an address for data access.

The signal line for the read data signal (IP_RD
[31:0]) is a dedicated bus via which 32-bit read data is
passed from the cryptographic processing circuit 320 to
the IPsec control circuit 310.

The signal line for the write data signal (IP_WD
[31:0]) is a dedicated bus via which 32-bit write data is
passed from the IPsec control circuit 310 to the
cryptographic processing circuit 320 or the hash function
processing circuit 320.

The write strobe signal (IP_WRX [1]) is a signal
sent from the IPsec control circuit 310 to the hash
function processing circuit 330 for notification of data
writing.

The write request signal (DREQ_WR) is a signal sent
from the hash function processing circuit 330 to the IPsec
control circuit 310 to request data writing.

FIG. 31 is a diagram showing the internal
configuration of the cryptographic processing circuit.
The cryptographic processing circuit 320 is comprised of a
key register 321, a hexadecimal counter 322, an arithmetic
section 323, a 64-bit data register group 324, and a
binary counter 325.

The cryptographic processing circuit 320 receives a
clock signal, the address signal (IP_A), the write data
signal (IP_WD [31:0]), and the write strobe signal (IP_WRX
[0]). The cryptographic processing circuit 320 operates
in synchronism with the clock signal. The address signal
(IP_A) is inputted to the key register 321, the arithmetic
section 323, and the 64-bit data register group 324. The
write data signal (IP_WD [31:0]) is inputted to the key
register 321 and the 64-bit data register group 324. The
write strobe signal (IP_WRX [0]) is inputted to the key
register 321, the arithmetic section 323, the 64-bit data
register group 324, and the binary counter 325.

The key register 321 is a register for storing key
data (encryption key or decryption key) to be used for
encryption or decryption. The data stored in the key
register 321 is inputted to the arithmetic section 323.

The hexadecimal counter 322 counts the number of
computations based on a computation enable signal inputted
from the arithmetic section 323. As long as the number of
computations is under 16, the computation status
indicating that computation is being executed is inputted
to the arithmetic section 323. When the hexadecimal
counter 322 has counted up to 16, a computation end signal
is outputted.

The arithmetic section 323 performs operation or
computation for encryption or decryption. More
specifically, the arithmetic section 323 starts
computation in response to input of a computation start
signal from the binary counter 325. For execution of the
computation, first, the arithmetic section 323 acquires
data to be processed from the 64-bit data register group
324. Then, the arithmetic section 323 encrypts or
decrypts the data to be processed, by using key data
inputted from the key register 321. When the computation
is completed, the arithmetic section 323 stores the result
of the computation in a register within the 64-bit data
register group. It should be noted that the result of
computation (processed data) is stored in the register in
which the data to be processed has been stored, in a
manner such that the data to be processed is overwritten.

The 64-bit data register group 324 is a register
group for storing data to be processed and a result of
computation. More specifically, the 64-bit data register
group 324 is comprised of two 32-bit registers. Data to
be processed is inputted to the 64-bit data register group
324 as the 32-bit write data signal, and then stored in
one of the registers. On the other hand, when a result of
computation is stored in the 64-bit data register group
324, it is outputted as the read data signal (IP_RD
[31:0]).

The binary counter 325 is a counter that counts the
number of inputs of the write strobe signal. When the
write strobe signal is inputted twice, the binary counter
325 outputs the computation start signal to the arithmetic
section 323. More specifically, since the width of the
bus for the write data signal is 32 bits, storage of data
to be processed in the 64-bit data register group 324 is
completed after two writing operations. Thus, after the
write strobe signal is inputted twice, DES processing of a
64-bit unit can be started.

When DES processing is to be executed in the
cryptographic processing circuit 320 described above,
first, key data is stored in the key register 321. Then,
data to be processed is written into the 64-bit data
register group 324 as the write data signal in two writing
operations. When the binary counter 325 detects that two
writing operations have been performed, the computation
start signal is outputted.

In response to the computation start signal, the
arithmetic section 323 executes DES processing on the data
to be processed, and writes the result of computation back
into the 64-bit data register group 324. The result is
outputted as read data from the 64-bit data register group
324. Further, whenever DES processing is carried out by
the arithmetic section 323, an enable signal is outputted
to the hexadecimal counter 322, and the value of the
hexadecimal counter is counted up. Then, when the count
of the hexadecimal counter 322 reaches 16, the computation
end signal is outputted.

As described above, since the cryptographic
processing circuit 320 in the second embodiment counts the
number of data writes (in units of 32 bits), it is
possible to automatically recognize timing for starting
computation upon completion of data writing and start the
operation. More specifically, the binary counter 325
functions as a data write counter which detects the start
of the computation. Further, the hexadecimal counter 322
functions as a computation round counter to recognize the
end of computation by termination of a predetermined
number of rounds of computation and output the computation
end signal. It should be noted that the result of
encryption or decryption is written over the 64-bit data
register group 324 (2 x 32 bits).

Next, a description will be given of the internal
configuration of the hash function processing circuit 330.

FIG. 32 is a diagram showing the internal
configuration of the hash function processing circuit.
The hash function processing circuit 330 is comprised of a
hash value storage register 331, an 80 counter 332, an
arithmetic section 333, a 512-bit data register group 334,
and a hexadecimal counter 335.

The hash function processing circuit 330 receives
the clock signal, the address signal, write data, and the
write strobe signal. The hash function processing circuit
330 operates in synchronization with the clock signal.
The address signal is inputted to the arithmetic section
333 and the 512-bit data register group 334. The write
data is inputted to the arithmetic section 333 and the
512-bit data register group 334. The write strobe signal
is inputted to the arithmetic section 333, the 512-bit
data register group 334, and the hexadecimal counter 335.

The hash value storage register 331 is a register
group for storing a hash value generated by the hash
function processing. In the second embodiment, the hash
value storage register 331 is comprised of five 32-bit
registers and capable of storing 160-bit data in total.

The 80 counter 332 counts the number of computations
based on a computation enable signal inputted from the
arithmetic section 333. As long as the number of
computations is smaller than 80, the computation status
indicating that computation is being executed is inputted
to the arithmetic section 333. When the 80 counter 332
has counted up to 80, a computation end signal is
outputted.

The arithmetic section 333 performs a hash
value-computing process based on the hash function. More
specifically, the arithmetic section 333 starts
computation in response to input of a computation start
signal from the hexadecimal counter 335. To execute the
computation, first, the arithmetic section 333 acquires
data to be processed, from the 512-bit data register group
334. Then, the arithmetic section 333 generates a hash
value based on the data to be processed. When the
computation is completed, the arithmetic section 333
stores the result of computation in a register within the
512-bit data register group 334. The result of
computation is stored in the register in which the data to
be processed has been stored, in a manner such that the
data to be processed is overwritten.

The 512-bit data register group 334 is a register
group for storing data to be processed and a result of
computation. More specifically, the 512-bit data register
group 334 is comprised of sixteen 32-bit registers. Data
to be processed are inputted to the 512-bit data register
group 334 as the 32-bit write data signal and sequentially
stored in the respective registers.

The hexadecimal counter 335 is a counter that counts
the number of inputs of the write strobe signal. When the
write strobe signal is inputted 16 times, the hexadecimal
counter 335 outputs the computation start signal to the
arithmetic section 333. More specifically, since the
width of the bus for the write data signal is 32 bits,
storage of data to be processed in the 512-bit data
register group 334 is completed after sixteen writing
operations. Thus, after the write strobe signal is
inputted 16 times, hash function processing of a 512-bit
unit can be started.

In the hash function processing circuit 330
configured as above, when a hash value is to be generated
based on the hash function, first, data to be processed is
stored in units of 32 bits in the 512-bit data register
group 334. The number of writing operations is counted by
the hexadecimal counter 335, and hence when the number of
writing operations reaches sixteen, the computation start
signal is outputted from the hexadecimal counter 335. In
response to the computation start signal, the arithmetic
section 333 starts computation according to the hash
function. More specifically, the arithmetic section 333
obtains data to be processed from the 512-bit data
register group 334 and executes processing according to
the hash function. The processing repeatedly carried out
80 times by the arithmetic section 333 generates a hash
value, which is then stored in the hash storage register
331. The data within the hash value storage register 331
is outputted as read data. At this time, the 80 counter
332 detects that the number of computations has reached
80, and outputs the computation end signal.

Thus, the hash function processing circuit 330 
generates a hash value. 
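
The register-level behaviour described above, as an added C model that is not part of the original text: sixteen 32-bit write strobes fill the data registers, the write counter starts the computation, and a round counter ends it after 80 rounds. The round logic is standard SHA-1; the type and function names, the in-place message schedule, padding by the driver, refusing writes while busy, and one round per clock are assumptions of this example.

```c
/* Added example: register-level model of a SHA-1 unit (all names hypothetical). */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct {
    uint32_t h[5];          /* hash value storage register: five 32-bit registers */
    uint32_t w[16];         /* 512-bit data register group: sixteen 32-bit registers */
    uint32_t a, b, c, d, e; /* working state of the arithmetic section */
    unsigned writes;        /* write-strobe counter (the "hexadecimal counter") */
    unsigned rounds;        /* round counter (the "80 counter") */
    bool busy;              /* computation status */
    bool dreq_wr;           /* write request: asserted while data is accepted */
} sha1_unit;

static uint32_t rotl32(uint32_t x, unsigned n) { return (x << n) | (x >> (32 - n)); }

void sha1_unit_init(sha1_unit *u) {
    static const uint32_t iv[5] = {0x67452301u, 0xEFCDAB89u, 0x98BADCFEu,
                                   0x10325476u, 0xC3D2E1F0u};
    memset(u, 0, sizeof *u);
    memcpy(u->h, iv, sizeof iv);
    u->dreq_wr = true;
}

/* One write strobe carrying 32 bits. The 16th strobe raises "computation start". */
bool sha1_unit_write(sha1_unit *u, uint32_t word) {
    if (!u->dreq_wr) return false;   /* assumption: writes while busy are refused */
    u->w[u->writes++] = word;
    if (u->writes == 16) {
        u->writes = 0; u->rounds = 0;
        u->a = u->h[0]; u->b = u->h[1]; u->c = u->h[2]; u->d = u->h[3]; u->e = u->h[4];
        u->busy = true; u->dreq_wr = false;
    }
    return true;
}

/* One clock = one round. Returns true on the clock that raises "computation end". */
bool sha1_unit_clock(sha1_unit *u) {
    unsigned t = u->rounds, s = t & 15;
    uint32_t f, k, tmp;
    if (!u->busy) return false;
    if (t >= 16)   /* message schedule kept in place in the sixteen data registers */
        u->w[s] = rotl32(u->w[(s + 13) & 15] ^ u->w[(s + 8) & 15] ^
                         u->w[(s + 2) & 15] ^ u->w[s], 1);
    if (t < 20)      { f = (u->b & u->c) | (~u->b & u->d);                k = 0x5A827999u; }
    else if (t < 40) { f = u->b ^ u->c ^ u->d;                            k = 0x6ED9EBA1u; }
    else if (t < 60) { f = (u->b & u->c) | (u->b & u->d) | (u->c & u->d); k = 0x8F1BBCDCu; }
    else             { f = u->b ^ u->c ^ u->d;                            k = 0xCA62C1D6u; }
    tmp = rotl32(u->a, 5) + f + u->e + k + u->w[s];
    u->e = u->d; u->d = u->c; u->c = rotl32(u->b, 30); u->b = u->a; u->a = tmp;
    if (++u->rounds < 80) return false;
    u->h[0] += u->a; u->h[1] += u->b; u->h[2] += u->c; u->h[3] += u->d; u->h[4] += u->e;
    u->busy = false; u->dreq_wr = true;
    return true;
}

/* Driver in the role of the control circuit: pads the message (assumption: padding
 * is done outside the unit), streams big-endian words, returns the rounds clocked. */
unsigned sha1_via_unit(const uint8_t *msg, size_t len, uint8_t digest[20]) {
    sha1_unit u;
    size_t total = ((len + 8) / 64 + 1) * 64;  /* message, 0x80, zeros, 64-bit length */
    unsigned clocks = 0;
    sha1_unit_init(&u);
    for (size_t off = 0; off < total; off += 4) {
        uint32_t word = 0;
        for (size_t p = off; p < off + 4; p++) {
            uint8_t byte = 0;
            if (p < len) byte = msg[p];
            else if (p == len) byte = 0x80;
            else if (p >= total - 8)
                byte = (uint8_t)(((uint64_t)len * 8) >> (8 * (total - 1 - p)));
            word = (word << 8) | byte;
        }
        sha1_unit_write(&u, word);
        while (u.busy) { sha1_unit_clock(&u); clocks++; }
    }
    for (int i = 0; i < 20; i++) digest[i] = (uint8_t)(u.h[i / 4] >> (24 - 8 * (i % 4)));
    return clocks;
}

int main(void) {
    uint8_t d[20];
    unsigned clocks = sha1_via_unit((const uint8_t *)"abc", 3, d);  /* constructed input */
    for (int i = 0; i < 20; i++) printf("%02x", d[i]);
    printf("  (%u rounds)\n", clocks);
    return 0;
}
```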

The CPU 301, the IPsec control circuit 310, the
cryptographic processing circuit 320, and the hash
function processing circuit 330 are discrete circuits
which can process data in parallel with each other. In
the following, a description will be given of the
procedure of processing executed by each of the CPU 301,
IPsec control circuit 310, the cryptographic processing
circuit 320, and the hash function processing circuit 330.

FIG. 33 is a first diagram showing operations of
each circuit for cryptographic processing in a time
sequence. In the following, a process shown in FIG. 33
will be described in the order of step numbers. It should
be noted that in the second embodiment, the cryptographic
processing circuit 320 performs DES processing, and the
hash function processing circuit 330 performs SHA1
processing.

[Step S71] Each circuit sets initial values. The
cryptographic processing circuit 320 sets an algorithm
(DES) and a key. At this time, the write request signal
(DREQ_WR [0]) has been asserted. The hash function
processing circuit 330 sets an algorithm (SHA1). At this
time, the write request signal (DREQ_WR [1]) has been
asserted. The IPsec control circuit 310 is on standby for
acquiring data to be processed (target data). At this
time, the CPU 301 is operating as the bus master for the
main bus.

[Step S72] The IPsec control circuit 310 sets a
source address, a destination address, and a data length
as parameters necessary for DMA transfer. The
cryptographic processing circuit 320 enters a standby
state.

[Step S73] The IPsec control circuit 310 turns on an
operation start control bit within a control/mode register
[1:0] (i.e. sets the value to "1").

[Step S74] The IPsec control circuit 310 asserts an
external bus relinquish request signal (BRQ).

[Step S75] The CPU 301 asserts an external bus
relinquish acceptance signal (BGNT) and stops operating as
the bus master. The IPsec control circuit 310 becomes the
bus master, and fetches 64-byte data from the memory 303
to the internal RAM 311 by DMA transfer.

[Step S76] The IPsec control circuit 310 completes
the data fetch and deasserts the external bus relinquish
request signal (BRQ). The CPU 301 deasserts the external
bus relinquish acceptance signal (BGNT) and becomes the
bus master.

[Step S77] The IPsec control circuit 310 writes the
64-bit data into the cryptographic processing circuit 320
in two operations and completes the writing. At this time
point, the IPsec control circuit 310 subtracts the length
of 8 bytes from the data length stored in the data length
register. Upon completion of the data writing from the
IPsec control circuit 310, the cryptographic processing
circuit 320 starts cryptographic processing (encryption or
decryption). At this time point, the cryptographic
processing circuit 320 deasserts the write request signal
(DREQ_WR [0]). In the meantime, the CPU 301 executes
other processing (including packet reception and protocol
processing) using the internal bus.

[Step S78] The cryptographic processing circuit 320
executes the cryptographic processing. The IPsec control
circuit 310 asserts the external bus relinquish request
signal (BRQ). At this time, the CPU 301 is still
operating as the bus master.

[Step S79] The CPU 301 asserts the external bus
relinquish acceptance signal (BGNT) and stops operating as
the bus master. The IPsec control circuit 310 becomes the
bus master, and fetches 64-byte data from the memory 303
to the internal RAM 311 by DMA transfer.

FIG. 34 is a second diagram showing operations of
each circuit for cryptographic processing in a time
sequence. In the following, a process shown in FIG. 34
will be described in the order of step numbers.

[Step S80] The IPsec control circuit 310 completes
the data fetch and deasserts the external bus relinquish
request signal (BRQ). The CPU 301 deasserts the external
bus relinquish acceptance signal (BGNT) and becomes the
bus master. In the meantime, the cryptographic processing
by the cryptographic processing circuit 320 is completed,
and the read request signal (DREQ_RD) is asserted by the
cryptographic processing circuit 320.

[Step S81] The IPsec control circuit 310 recognizes
the start of data transfer from the cryptographic
processing circuit 320, and fetches the 64-bit data in two
operations. In the meantime, the CPU 301 executes other
processing (including packet reception and protocol
processing) using the internal bus.

[Step S82] The IPsec control circuit 310 asserts the
external bus relinquish request signal (BRQ).

[Step S83] The CPU 301 asserts the external bus
relinquish acceptance signal (BGNT) and stops operating as
the bus master. The IPsec control circuit 310 becomes the
bus master, and writes 64-byte data from the internal RAM
311 into the memory 303 by DMA transfer.

[Step S84] The IPsec control circuit 310 completes
data writing and deasserts the external bus relinquish
request signal (BRQ). The CPU 301 deasserts the external
bus relinquish acceptance signal (BGNT) and becomes the
bus master. The cryptographic processing circuit 320
deasserts the read request signal (DREQ_RD) and asserts
the write request signal (DREQ_WR [0]) at the same time,
and enters a standby state.

[Step S85] The above steps S74 to S84 are repeatedly
carried out until the value of the data length register
becomes equal to "0". When the value of the data length
register becomes equal to "0", the processing proceeds to
a step S86.

[Step S86] The IPsec control circuit 310 outputs a
processing end interrupt signal. The CPU 301 stores the
result of the cryptographic processing corresponding to
the data length in the memory 303.
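
The request-signal handshake of steps S71 to S86, as an added C model that is not part of the original text: two write strobes start the unit, sixteen rounds end it, DREQ_WR and DREQ_RD gate every access, and a data length register is reduced by 8 bytes per block until it reaches 0. The round function is a stand-in Feistel round, not DES; all names, the refusal of accesses outside the request windows, the read-strobe counter and one round per clock are assumptions of this example, and the DMA and bus arbitration steps are left out.

```c
/* Added example: handshake model of a 64-bit block unit (all names hypothetical). */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct {
    uint32_t key[2];  /* key register */
    uint32_t dr[2];   /* 64-bit data register group: DESDR_U (addr 0), DESDR_L (addr 1) */
    unsigned writes;  /* write-strobe counter (the "binary counter") */
    unsigned reads;   /* read-strobe counter (assumption) */
    unsigned rounds;  /* round counter (the "hexadecimal counter") */
    bool decrypt;
    bool dsta;        /* computation status */
    bool dreq_wr;     /* unit requests input data */
    bool dreq_rd;     /* result is ready to be read */
} block_unit;

/* Step S71: set the key; the unit then asserts the write request. */
void unit_setup(block_unit *u, uint32_t k0, uint32_t k1, bool decrypt) {
    memset(u, 0, sizeof *u);
    u->key[0] = k0; u->key[1] = k1;
    u->decrypt = decrypt;
    u->dreq_wr = true;
}

/* Stand-in Feistel round function and key schedule. This is NOT DES. */
static uint32_t toy_f(uint32_t r, uint32_t k) {
    uint32_t x = (r ^ k) * 0x9E3779B1u;
    return ((x << 7) | (x >> 25)) + k;
}
static uint32_t toy_subkey(const block_unit *u, unsigned i) {
    return u->key[i & 1] + i * 0x01010101u;
}

/* Write strobe: accepted only while DREQ_WR is asserted; the 2nd one starts the unit. */
bool unit_write(block_unit *u, unsigned addr, uint32_t data) {
    if (!u->dreq_wr) return false;
    u->dr[addr & 1] = data;
    if (++u->writes == 2) {
        u->writes = 0; u->rounds = 0;
        u->dsta = true; u->dreq_wr = false;      /* step S77 */
    }
    return true;
}

/* One clock = one round; the result overwrites the input in the data registers. */
void unit_clock(block_unit *u) {
    unsigned i;
    uint32_t l, r;
    if (!u->dsta) return;
    i = u->decrypt ? 15 - u->rounds : u->rounds;
    l = u->dr[0]; r = u->dr[1];
    u->dr[0] = r;
    u->dr[1] = l ^ toy_f(r, toy_subkey(u, i));
    if (++u->rounds == 16) {
        uint32_t t = u->dr[0]; u->dr[0] = u->dr[1]; u->dr[1] = t;  /* final swap */
        u->dsta = false; u->dreq_rd = true;      /* step S80 */
    }
}

/* Read strobe: refused until DREQ_RD, because before that the registers still hold
 * the input or an intermediate round state. */
bool unit_read(block_unit *u, unsigned addr, uint32_t *out) {
    if (!u->dreq_rd) return false;
    *out = u->dr[addr & 1];
    if (++u->reads == 2) { u->reads = 0; u->dreq_rd = false; u->dreq_wr = true; } /* S84 */
    return true;
}

/* Control-circuit role: process a buffer in place. `remaining` plays the data length
 * register. Returns rounds clocked, or -1 if the length is not a multiple of 64 bits. */
long process_buffer(block_unit *u, uint32_t *buf, size_t len_bytes) {
    long clocks = 0;
    if (len_bytes % 8 != 0) return -1;
    for (size_t remaining = len_bytes; remaining != 0; remaining -= 8, buf += 2) {
        if (!unit_write(u, 0, buf[0]) || !unit_write(u, 1, buf[1])) return -1;
        while (!u->dreq_rd) { unit_clock(u); clocks++; }
        unit_read(u, 0, &buf[0]);
        unit_read(u, 1, &buf[1]);
    }
    return clocks;
}

int main(void) {
    block_unit u;
    uint32_t buf[16], orig[16];                  /* constructed 64-byte sample */
    for (int i = 0; i < 16; i++) orig[i] = buf[i] = 0x01020304u * (uint32_t)(i + 1);
    unit_setup(&u, 0x13345779u, 0x9BBCDFF1u, false);
    long enc = process_buffer(&u, buf, sizeof buf);
    unit_setup(&u, 0x13345779u, 0x9BBCDFF1u, true);
    process_buffer(&u, buf, sizeof buf);
    printf("%ld rounds, round trip %s\n", enc,
           memcmp(buf, orig, sizeof buf) == 0 ? "ok" : "FAILED");
    return 0;
}
```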

Next, a description will be given of hash value 
generation processing based on the hash function. 

FIG. 35 is a diagram showing operations of circuits
for hash value generation processing in a time sequence.
In the following, a process shown in FIG. 35 will be
described in the order of step numbers.

[Step S91] Each circuit sets the initial values.
The cryptographic processing circuit 320 sets the
algorithm (DES) and the key. At this time, the write
request signal (DREQ_WR [0]) has been asserted. The hash
function processing circuit 330 sets the algorithm (SHA1).
At this time, the write request signal (DREQ_WR [1]) has
been asserted. The IPsec control circuit 310 is on
standby for acquiring data to be processed (target data).
At this time, the CPU 301 is operating as the bus master
for the main bus.

[Step S92] The IPsec control circuit 310 sets a
source address, a destination address, and a data length
as parameters necessary for DMA transfer.

[Step S93] The IPsec control circuit 310 turns on
the operation start control bit within the control/mode
register [1:0] (i.e. sets the value to "1").

[Step S94] The IPsec control circuit 310 asserts the
external bus relinquish request signal (BRQ).

[Step S95] The CPU 301 asserts the external bus
relinquish acceptance signal (BGNT) and stops operating as
the bus master. The IPsec control circuit 310 becomes the
bus master, and fetches the 128-byte data from the memory
303 to the internal RAM 311 by DMA transfer.

[Step S96] The IPsec control circuit 310 completes
the data fetch and deasserts the external bus relinquish
request signal (BRQ). The CPU 301 deasserts the external
bus relinquish acceptance signal (BGNT) and becomes the
bus master.

[Step S97] The IPsec control circuit 310 writes
512-bit data into the hash function processing circuit 330
in sixteen operations and completes the writing. At this
time point, the IPsec control circuit 310 subtracts the
length of 64 bytes from the data length stored in the data
length register. Upon completion of data writing from the
IPsec control circuit 310, the hash function processing
circuit 330 starts hash function processing. At this time
point, the hash function processing circuit 330 deasserts
the write request signal (DREQ_WR [1]). In the meantime,
the CPU 301 executes other processing (including packet
reception and protocol processing) using the internal bus.

[Step S98] The steps S94 to S97 are repeatedly
carried out until the value of the data length register
becomes equal to "0". When the value of the data length
register becomes equal to "0", the process proceeds to a
step S99.

[Step S99] The IPsec control circuit 310 outputs the
processing end interrupt signal. The CPU 301 reads a
generated hash value.

Next, operation waveforms during execution of
cryptographic processing and hash function processing will
be described with reference to timing charts.

FIG. 36 is a first timing chart showing operation
waveforms of the signals in the buses between the IPsec
control circuit and the cryptographic processing circuit.
In FIG. 36, the signals at the terminals of the IPsec
control circuit 310 are shown in the upper half, and the
signals at the terminals of the cryptographic processing
circuit 320 and data within the cryptographic processing
circuit 320 are shown in the lower half.

As signals on the side of the IPsec control circuit
310, there are shown the address signal (IP_A), the write
strobe signal (IP_WRX [0]), the read strobe signal
(IP_RDX), the write data signal (IP_WD [31:0]), the read
data signal (IP_RD [31:0]), the write request signal
(DREQ_WR), and the read request signal (DREQ_RD).

As signals on the side of the cryptographic
processing control circuit 320, there are shown the
address signal (IP_A), the write strobe signal (IP_WRX
[0]), the read strobe signal (IP_RDX), the write data
signal (IP_WD [31:0]), the read data signal (IP_RD
[31:0]), a first data register value (DESDR_U), a second
data register value (DESDR_L), the computation start
signal (des_start), a computation status (DSTA), the
write request signal (DREQ_WR), and the read request
signal (DREQ_RD). The first data register value (DESDR_U)
is indicative of the value of one data register (first
data register) within the 64-bit data register group 324.
The second data register value (DESDR_L) is the value of
the other data register (second data register) within the
64-bit data register group 324.

It should be noted that each signal shown in FIG. 36
is an active-low signal.

In response to a write signal, data from the IPsec
control circuit 310 is written in units of 32 bits into
the first data register and the second data register.
When the data is written into the registers, the
computation start signal (des_start) is asserted. At the
same time, the computation status (DSTA) is also turned
on. The completion of computation is recognized by the
hexadecimal counter 322 showing a terminating number,
whereupon a control signal is outputted, and the
computation status (DSTA) is turned off.

The address signal (IP_A) is a one-bit signal that
operates as an address for designating the first data
register or the second data register. When writing in the
first register is to be performed, the address signal
(IP_A) shows "0" (low level) and when writing in the
second data register is to be performed, the address
signal (IP_A) shows "1" (high level).

The write request signal (DREQ_WR) is a signal sent
from the cryptographic processing circuit 320 to the IPsec
control circuit 310 for data request. This signal is
asserted when computation is not being carried out and
when reading of a result of computation is not being
awaited. First, the write request signal (DREQ_WR) is
asserted before computation, and deasserted after
completion of data writing in the 64-bit data register
group 324. After completion of the computation, the read
request signal (DREQ_RD) is asserted. The read request
signal (DREQ_RD) is a data read request signal indicating
that data is ready for reading, in a state stored in the
64-bit data register group 324 in an overwriting manner.
After the IPsec control circuit 310 carries out reading,
the read request signal (DREQ_RD) is deasserted, and the
write request signal (DREQ_WR) is asserted again.
Further, as far as the cryptographic processing circuit is
concerned, the bus for carrying the write data signal
(IP_WD [31:0]) from the IPsec control circuit 310 to the
cryptographic processing circuit and the bus for carrying
the read data signal (IP_RD [31:0]) from the cryptographic
processing circuit to the IPsec control circuit 310 are
provided so that the IPsec control circuit 310 can perform
both writing and reading of data to be processed.

In the following, changes of each signal shown in
FIG. 36 will be described in a time sequence.

At a time t41, the write request signal (DREQ_WR) is
asserted.

At a time t42 (one cycle after the time t41), the
write strobe signal (IP_WRX [0]) is asserted. At the same
time, data (32 bits) to be processed is outputted from the
IPsec control circuit 310 as the write data signal (IP_WD
[31:0]).

At a time t43 (one cycle after the time t42), the
target data to be processed is stored as the first data
register value (DESDR_U) in the first data register of the
64-bit data register group 324 of the cryptographic
processing circuit 320.

At a time t44 (one cycle after the time t43), the
output of the data to be processed as the write data
signal (IP_WD [31:0]) is stopped, and the write strobe
signal (IP_WRX [0]) is deasserted. At the same time, the
address signal (IP_A) is set to "1" by the IPsec control
circuit 310. More specifically, the address of the second
data register of the 64-bit data register group 324 is
designated.

At a time t45 (one cycle after the time t44), the
write strobe signal (IP_WRX [0]) is asserted. At the same
time, the data (32 bits) to be processed is outputted from
the IPsec control circuit 310 as the write data signal
(IP_WD [31:0]).

At a time t46 (one cycle after the time t45), the
data to be processed is stored as the second data register
value (DESDR_L) in the second data register of the 64-bit
data register group 324 of the cryptographic processing
circuit 320.

At a time t47 (one cycle after the time t46), the
address signal (IP_A) is set to "0" by the IPsec control
circuit 310, and the write strobe signal (IP_WRX [0]) is
deasserted. At the same time, data output as the write
data signal (IP_WD [31:0]) is stopped. Further, in the
cryptographic processing circuit 320, the computation
start signal (des_start) is asserted.

At a time t48 (one cycle after the time t47), the
computation status (DSTA) is turned on, and the
computation start signal (des_start) is deasserted.

At a time t49 (one cycle after the time t48), the
write request signal (DREQ_WR) is negated. Then, DES
processing is executed in the cryptographic processing
circuit 320.

FIG. 37 is a second timing chart showing operation
waveforms of the signals in the buses between the IPsec
control circuit and the cryptographic processing circuit.
The operation waveforms shown in FIG. 37 are those after
completion of the DES processing.

At a time t51 when the DES process is completed, the
computation status (DSTA) is turned off.

At a time t52 (one cycle after the time t51), the
read request signal (DREQ_RD) is asserted by the
cryptographic processing circuit 320.

At a time t53 (one cycle after the time t52), the
read strobe signal (IP_RDX) is asserted.

At a time t54 (one cycle after the time t53),
processed data (32 bits) is outputted from the
cryptographic processing circuit 320 as the read data
signal (IP_RD [31:0]) and read in by the IPsec control
circuit 310. At this time, since the address signal
(IP_A) assumes "0", the data in the first data register is
outputted as the read data signal (IP_RD [31:0]).

At a time t55 (one cycle after the time t54), the
read strobe signal (IP_RDX) is deasserted, and the address
signal (IP_A) is set to "1" by the IPsec control circuit
310.

At a time t56 (one cycle after the time t55), the
read strobe signal (IP_RDX) is asserted. At the same
time, data output as the read data signal (IP_RD [31:0])
is temporarily stopped.

At a time t57 (one cycle after the time t56),
processed data (32 bits) is outputted from the
cryptographic processing circuit 320 as the read data
signal (IP_RD [31:0]) and read in by the IPsec control
circuit 310. At this time, since the address signal
(IP_A) assumes "1", the data in the second data register
is outputted as the read data signal (IP_RD [31:0]).

At a time t58 (one cycle after the time t57), the
read strobe signal (IP_RDX) is deasserted, and the address
signal (IP_A) is set to "1" by the IPsec control circuit
310.

At a time t59 (one cycle after the time t58), the
read request signal (DREQ_RD) is deasserted. At the same
time, data output as the read data signal (IP_RD [31:0])
is stopped.

At a time t60 (one cycle after the time t59), the
write request signal (DREQ_WR) is asserted, and DES
processing for the following data is carried out.

FIG. 38 is a timing chart showing operation
waveforms of the signals in the buses between the IPsec
control circuit and the hash function processing circuit.
In FIG. 38, signals at the terminals of the IPsec control
circuit 310 are shown in the upper half, and signals at
the terminals of the hash function processing circuit 330
and data within the hash function processing circuit 330
are shown in the lower half. It should be noted that this
example shows operation waveforms in SHA1 processing by
the hash function processing circuit 330.

As signals on the side of the IPsec control circuit
310, there are shown the write strobe signal (IP_WRX [1]),
the write data signal (IP_WD [31:0]), and the write
request signal (DREQ_WR).

As signals on the side of the hash function
processing circuit 330, there are shown the write strobe
signal (IP_WRX [1]), the write data signal (IP_WD [31:0]),
a first data register value (W0 [31:0]), a sixteenth data
register value (W15 [31:0]), the computation start signal
(hash_start), the computation status (HSTA), and the write
request signal (DREQ_WR).

In response to the write strobe signal (IP_WRX [1]),
data from the IPsec control circuit 310 is written into
the sixteen data registers that form the 512-bit data
register group 334. When the data is written into all of
the sixteen registers, it is recognized that data setting is
completed, and the computation start signal (hash_start)
is asserted and the computation status (HSTA) is turned
on. The completion of computation is recognized by the 80
counter 322 showing a terminating number, whereupon a
computation end signal is outputted, and the computation
status (HSTA) is turned off.

It should be noted that each of the data registers
forming the 512-bit data register group 334 is formed by a
shift register. More specifically, data is written into a
first data register of the register group 334 each time,
and whenever the write strobe signal is inputted, the
value of each data register is shifted to a data register
at the next stage. Therefore, a signal for identifying
the address of each data register of the 512-bit data
register group is not required.

It should be noted that the write request signal
(DREQ_WR) sent from the hash function processing circuit
330 to the IPsec control circuit 310 for data request is
asserted when the hash function processing circuit 330 is
not carrying out computation. More specifically, first,
the write request signal (DREQ_WR) is asserted before
computation, and deasserted after completion of data
writing into the 512-bit data register group 334. When
the computation is completed, the write request signal
(DREQ_WR) is asserted again.

As shown in FIG. 30, within the hash function
processing circuit 330, there exist the hash value storage
register 331 for storing the result of computation and the
512-bit data register group 334 for hash computation.
According to the configuration of the algorithm, hash
function processing is completed after padding a
processing unit to a multiple of 512 bits, and processing
the processing unit by the hash function at least once,
usually several times.

In a first computation, a constant peculiar to the
algorithm is used as a hash value, and in a second
computation et seq., the preceding result of computation
is added to an intermediate result of computation to
obtain a result of computation, which is stored in a
register within the hash function processing circuit. In
the case of packet authentication, hash processing is
completed when processing of one packet is executed, and
reading from the hash value storage register within the
hash function processing circuit can be conducted at the
end. Since the IPsec control circuit 310 performs writing
of only data to be processed, there is provided the
dedicated bus for the write data signal (IP_WD [31:0]) via
which write data is carried from the IPsec control circuit
310 to the hash function processing circuit 330.

In the following, changes of each signal shown in
FIG. 38 will be described in a time sequence.

First, at a time t71, the write request signal 
(DREQ_WR) is deasserted. 

At a time t72 (one cycle after the time t71), the
write strobe signal (IP_WRX [0]) is asserted, and at the
same time, data to be processed is outputted as the write
data (IP_WD [31:0]) by the IPsec control circuit 310.

At a time t73 (one cycle after the time t72), the
data to be processed which is outputted as the write data
signal (IP_WD [31:0]) is set in the first data register
(W0 [31:0]).

At a time t74 (one cycle after the time t73), the
write strobe signal (IP_WRX [0]) is deasserted, and at the
same time, the output of the data to be processed as the
write data (IP_WD [31:0]) is stopped.

Then, data is repeatedly transferred until data
transfer is carried out sixteen times.

At a time t81 when the sixteenth data transfer
starts, the write strobe signal (IP_WRX [0]) is asserted,
and at the same time, data to be processed is outputted as
the write data (IP_WD [31:0]) by the IPsec control circuit
310.

At a time t82 (one cycle after the time t81), the
target data outputted as the write data (IP_WD [31:0]) is
set in the first data register (W0 [31:0]). At the same
time, the data units within the 512-bit data register
group 334 are sequentially shifted, and the 32-bit data
transferred first is stored in the sixteenth data register
value (W15 [31:0]).

At a time t83 (one cycle after the time t82), the
write strobe signal (IP_WRX [1]) is deasserted, and at the
same time, the output of the data to be processed, as the
write data (IP_WD [31:0]), is stopped. At this time, it is
recognized that the sixteen data writing operations are
completed, and the computation start signal (hash_start)
is asserted.

At a time t84 (one cycle after the time t83), the
computation status (HSTA) is turned on, and the
computation start signal (hash_start) is deasserted.

At a time t85 (one cycle after the time t84), the
write request signal (DREQ_WR) is asserted, and the hash
function processing is executed.

When the number of computations reaches eighty, it
is judged that the hash function processing is completed,
and at this time t91, the computation status (HSTA) is
turned off.

At a time t92 (one cycle after the time t91), the
write request signal (DREQ_WR) is deasserted.
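
The sixteen-write shift-register load and the eighty-step computation described for FIG. 38 can be checked with a small behavioural model; this is an added example, not code from the patent, and it verifies the model against a reference SHA-1. The class and function names are hypothetical, and big-endian word order and running the whole computation inside the sixteenth write (instead of over eighty clock cycles) are assumptions of the model.

```python
import hashlib
import struct

MASK = 0xFFFFFFFF
# "Constant peculiar to the algorithm": the SHA-1 initial hash value.
SHA1_INIT = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0)


def rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK


class HashCircuitModel:
    """Behavioural model (hypothetical) of hash function processing circuit 330."""

    def __init__(self):
        self.w = [0] * 16                  # W0..W15: 512-bit data register group 334
        self.hash_value = list(SHA1_INIT)  # hash value storage register 331
        self.writes = 0                    # words written since the last computation
        self.dreq_wr = True                # logical "asserted": circuit requests data
        self.hsta = False                  # computation status
        self.blocks_done = 0

    def write_word(self, word):
        """One write strobe: shift every register one stage, load the word into W0."""
        if not self.dreq_wr:
            raise RuntimeError("write strobe while DREQ_WR is deasserted")
        self.w = [word & MASK] + self.w[:15]
        self.writes += 1
        if self.writes == 16:              # data set complete, no address signal needed
            self.dreq_wr = False
            self.hsta = True               # hash_start pulse turns HSTA on
            self._compute()
            self.hsta = False              # count of eighty reached: HSTA off
            self.dreq_wr = True            # ready for the next 512-bit block
            self.writes = 0

    def _compute(self):
        # The word transferred first now sits in W15, so message order is W15..W0.
        sched = self.w[::-1]
        a, b, c, d, e = self.hash_value
        for t in range(80):                # the eighty-step counter
            if t >= 16:
                sched.append(rotl(sched[t - 3] ^ sched[t - 8]
                                  ^ sched[t - 14] ^ sched[t - 16], 1))
            if t < 20:
                f, k = (b & c) | (~b & d), 0x5A827999
            elif t < 40:
                f, k = b ^ c ^ d, 0x6ED9EBA1
            elif t < 60:
                f, k = (b & c) | (b & d) | (c & d), 0x8F1BBCDC
            else:
                f, k = b ^ c ^ d, 0xCA62C1D6
            tmp = (rotl(a, 5) + f + e + k + sched[t]) & MASK
            a, b, c, d, e = tmp, a, rotl(b, 30), c, d
        # Preceding result added to the intermediate result, kept in the register.
        self.hash_value = [(h + v) & MASK
                           for h, v in zip(self.hash_value, (a, b, c, d, e))]
        self.blocks_done += 1


def sha1_pad(msg):
    """Pad to a multiple of 512 bits: 0x80, zero bytes, 64-bit bit length."""
    padded = msg + b"\x80"
    padded += b"\x00" * ((56 - len(padded)) % 64)
    return padded + struct.pack(">Q", len(msg) * 8)


def hash_via_circuit(msg):
    """Play the IPsec control circuit: feed 32-bit words, then read the result."""
    circuit = HashCircuitModel()
    for (word,) in struct.iter_unpack(">I", sha1_pad(msg)):
        circuit.write_word(word)
    return struct.pack(">5I", *circuit.hash_value), circuit.blocks_done


def matches_reference(msg):
    return hash_via_circuit(msg)[0] == hashlib.sha1(msg).digest()


if __name__ == "__main__":
    packet = (bytes(range(256)) * 6)[:1500]   # constructed 1,500-byte sample
    digest, blocks = hash_via_circuit(packet)
    print(digest.hex(), "blocks:", blocks, "ok:", matches_reference(packet))
```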

As described above, according to the security
network controller 300, since the IPsec control circuit
310 performs data input/output to and from the
cryptographic processing circuit 320 and the hash function
processing circuit 330, processing load on the CPU 301 is
reduced.

It should be noted that the ranges of encryption and
authentication of communication data vary with
communication protocols.

FIGS. 39A and 39B are diagrams useful in explaining
the respective ranges of encryption and authentication in
the transport mode ESP. FIG. 39A shows an IPv4 packet,
while FIG. 39B shows an IPv6 packet.

The IPv4 packet 50 is comprised of an IP header 51,
an ESP header 52, a TCP header 53, data 54, an ESP trailer
55, and an ESP authentication header 56. In the IPv4
packet 50, the TCP header 53, the data 54, and the ESP
trailer 55 form the range of encryption. The ESP header
52, the TCP header 53, the data 54, and the ESP trailer 55
form the range of authentication.

The IPv6 packet 60 is comprised of an IPv6 header
61, a routing header 62, an ESP header 63, a destination
options header 64, a TCP header 65, data 66, an ESP
trailer 67, and an ESP authentication header 68. In the
IPv6 packet 60, the destination options header 64, the TCP
header 65, the data 66, and the ESP trailer 67 form the
range of encryption. The ESP header 63, the destination
options header 64, the TCP header 65, the data 66, and the
ESP trailer 67 form the range of authentication.

In packet generation using the transport mode ESP,
for example, authentication processing using a keyed hash
function (HMAC-SHA1 or HMAC-MD5) is carried out for
information of a range.

FIG. 40 is a diagram showing an authentication range
of the AH (Authentication Header). The configuration of
the AH packet 70 is the same as that of the IPv4 or IPv6
packet. The AH packet 70 is comprised of an IP header 71,
an AH header 72, a TCP header 73, and data 74. In the AH
packet 70, all the elements form the authentication range.
In other words, it is required to subject the whole packet
to authentication processing using a keyed hash function
(HMAC-SHA1 or HMAC-MD5).

Further, the maximum packet size is determined
depending on a connection medium of the network. The
following description will be given by taking the example
of the size of an IP packet generated when a network
(IEEE802.3) called Ethernet (registered trademark) is used
as the connection medium.

It should be noted that the effects of the present
invention will be described by taking the example of
authentication processing of one packet when the IEEE802.3
network is used. In the authentication processing, HMAC
processing is executed at the start and at the end, and
hence, as far as the function is concerned, setting (mode
setting concerning whether or not HMAC processing should
be executed, or whether the algorithm is MD5 or SHA1) is
executed by the CPU, whereafter hardware processing is
carried out seamlessly. This makes it possible to reduce
load on the CPU and to fully utilize the performance of
the hardware. Further, it is also possible to use a DMAC
(Direct Memory Access Controller) to carry out
authentication processing by the CPU independently.

FIG. 41 is a diagram showing the size of an IP
packet. As shown in FIG. 41, the IP packet 80 is
comprised of an IPv6 header 81, a routing header 82, a
destination options header 83, a TCP header 84, and data
85. The maximum size of the IP packet configured as above
and generated in the IEEE802.3-compliant network is
approximately 1,500 bytes (40 bytes for the IPv6 header
and 1,460 bytes or less for the remainder).

The MD5 or SHA1 authentication algorithm used as a
hash function is a 64-byte (512-bit) block function.
Therefore, even in processing of one packet, hash
processing is executed more than twenty times at the
maximum. The hash function is also used in key
management.

FIG. 42 is a diagram showing a phase 1 using IKE
main mode. The phase 1 is the first half of a key
exchange protocol. FIG. 42 shows messages exchanged
between an initiator and a responder. In a first message
(Message #1), ISAKMP-SA (source address) negotiation is
started. In a second message (Message #2), a basic SA is
approved. In a third message (Message #3) and a fourth
message (Message #4), each other's keys are exchanged.
In a fifth message (Message #5), the initiator is
identified by the responder. In a sixth message (Message
#6), the responder is identified by the initiator. It
should be noted that the fifth message (Message #5) and
the sixth message (Message #6) have encrypted payloads.

The IPsec as an essential function in the IPv6
protocol generates a packet to be sent via the network, in
the form of a MAC frame containing an IP packet, after
encryption and authentication processing, and then
transmits the packet via the communication interface.

When the packet is received, authentication
processing and decryption processing are carried out. The
range for decryption processing and the range for
authentication processing are as shown in FIG. 39. The
encrypted range corresponds to the range for decryption
processing to be executed at the time of reception. The
term "authentication" is intended here to mean processing
of applying hash function processing to the data in the
authentication range illustrated in FIG. 39 and adding the
processed data to the end of the packet.

When the Ethernet (registered trademark) defined by
IEEE802.3 is used as the physical layer of the network,
the maximum size of an IP packet is approximately 1,500
bytes. In other words, for authentication by the hash
function, processing is executed approximately twenty
times at the maximum, and for encryption in a case where
DES or 3DES is used as the cryptographic algorithm,
cryptographic processing is executed approximately 180
times at the maximum.
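
The ranges of FIG. 39A and the block counts quoted above can be worked through for one near-maximum-size packet; this is an added example, not code from the patent, and it also shows which byte changes the receiver's check over the authentication range detects. The function names, the field sizes, the dummy contents, the truncation of HMAC-SHA1 to 96 bits and a key of at most 64 bytes are assumptions; only the fields the figure lists are modelled, and encryption itself is not performed.

```python
import hashlib
import hmac

DES_BLOCK = 8     # bytes per DES/3DES block
HASH_BLOCK = 64   # bytes per MD5/SHA-1 block (512 bits)
ICV_LEN = 12      # assumption: HMAC-SHA1 output truncated to 96 bits


def build_esp_transport_ipv4(ip_hdr, esp_hdr, tcp_hdr, data, next_header=6):
    """Lay out the FIG. 39A fields; return (packet_without_icv, enc_range, auth_range)."""
    # ESP trailer = padding + pad-length byte + next-header byte; the padding
    # brings the range of encryption up to a whole number of DES blocks.
    pad_len = -(len(tcp_hdr) + len(data) + 2) % DES_BLOCK
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, next_header])
    packet = ip_hdr + esp_hdr + tcp_hdr + data + trailer
    enc_range = (len(ip_hdr) + len(esp_hdr), len(packet))   # TCP header .. ESP trailer
    auth_range = (len(ip_hdr), len(packet))                 # ESP header .. ESP trailer
    return packet, enc_range, auth_range


def sha1_blocks(n_bytes):
    """512-bit blocks SHA-1 processes for n_bytes (0x80 byte + 64-bit length added)."""
    return (n_bytes + 9 + HASH_BLOCK - 1) // HASH_BLOCK


def hmac_sha1_blocks(n_bytes):
    """Blocks for HMAC-SHA1 with a key of at most 64 bytes: inner pass + outer pass."""
    inner = sha1_blocks(HASH_BLOCK + n_bytes)   # (key xor ipad) block, then the data
    outer = sha1_blocks(HASH_BLOCK + 20)        # (key xor opad) block, then inner digest
    return inner + outer


def workload(enc_range, auth_range):
    """Number of hardware block operations one packet costs."""
    return {
        "des_blocks": (enc_range[1] - enc_range[0]) // DES_BLOCK,
        "hash_blocks": hmac_sha1_blocks(auth_range[1] - auth_range[0]),
    }


def append_icv(packet, auth_range, key):
    """Sender side: hash the authentication range, add the result to the packet end."""
    start, end = auth_range
    icv = hmac.new(key, packet[start:end], hashlib.sha1).digest()[:ICV_LEN]
    return packet + icv


def verify_icv(received, ip_hdr_len, key):
    """Receiver side: recompute over ESP header .. ESP trailer, constant-time compare."""
    body, icv = received[:-ICV_LEN], received[-ICV_LEN:]
    expected = hmac.new(key, body[ip_hdr_len:], hashlib.sha1).digest()[:ICV_LEN]
    return hmac.compare_digest(icv, expected)


def flip_byte(buf, offset):
    out = bytearray(buf)
    out[offset] ^= 0x01
    return bytes(out)


# Constructed sample fields (sizes are assumptions, contents are dummy bytes).
KEY = b"constructed-demo-key"
IP_HDR, ESP_HDR, TCP_HDR = bytes(20), bytes(8), bytes(20)
DATA = bytes(1432)
PACKET, ENC_RANGE, AUTH_RANGE = build_esp_transport_ipv4(IP_HDR, ESP_HDR, TCP_HDR, DATA)
SIGNED = append_icv(PACKET, AUTH_RANGE, KEY)

if __name__ == "__main__":
    print(ENC_RANGE, AUTH_RANGE, workload(ENC_RANGE, AUTH_RANGE))
    print("intact:", verify_icv(SIGNED, len(IP_HDR), KEY))
    print("payload byte changed:", verify_icv(flip_byte(SIGNED, 100), len(IP_HDR), KEY))
    print("IP header byte changed:", verify_icv(flip_byte(SIGNED, 8), len(IP_HDR), KEY))
```

The IP header lies outside the ESP authentication range, so a change there passes this check, whereas the AH range of FIG. 40 covers the whole packet.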

Further, as processing in the phase 1 which is the
first half of the key exchange protocol shown in FIG. 42,
the cryptographic processing is carried out in
transmission and reception of each of the first to the
sixth messages. Further, in the following phase 2, in a
session for establishing SAs, the cryptographic processing
and the hash function processing are carried out a large
number of times. In the third and the fourth messages,
for example, values for key generation are exchanged, and
in each case, the exchange values required for key
generation are generated by using the hash function and
the cryptographic algorithm.

As described above, the cryptographic processing and
the hash function processing are used very frequently in
IPsec. Consequently, the second embodiment which makes it
possible to achieve fast cryptographic processing and hash
processing (authentication processing), bypassing the CPU,
as described above, is advantageous in enhancing
processing capability of a system as a whole. Moreover,
since installation of an IPsec control circuit in a
security network controller can be realized at a lower
cost, compared with increasing the operating speed of a
CPU, it is possible to provide a comfortable communication
speed at a reasonable price meeting the needs of the
market.

FIG. 43 is a diagram showing results of evaluations
of performance of the cryptographic processing by the
prior art and that of the cryptographic processing by the
second embodiment. This is an example of a case where
3DES-CBC cryptographic processing is executed on 1,496-byte
data. In the example in FIG. 43, software-based
processing (in which a CPU executes a program describing
an encryption procedure), processing by a combination of a
CPU and a cryptographic processing circuit (in which the
CPU controls data input/output) and processing by a
combination of an IPsec control circuit and a
cryptographic processing circuit (i.e. the configuration
according to the second embodiment) are compared.

To be more specific, in the case of software-based
processing, the program of the processing, which is coded
in the C language and stored in a flash memory, is
executed by the CPU. Further, the configuration of the
combination of the IPsec control circuit and the
cryptographic processing circuit is implemented by a PLD
(Programmable Logic Device).

In the software-based processing, it takes 264,917
microseconds for encryption and 264,919 microseconds for
decryption. In the processing by the combination of the
CPU and the cryptographic processing circuit, it takes
2,977 microseconds for encryption and 2,979 microseconds
for decryption. In the processing by the combination of
the IPsec control circuit and the cryptographic processing
circuit, it takes 579 microseconds for encryption and 581
microseconds for decryption.

FIG. 44 is a diagram showing results of evaluations
of performance of the hash function processing by the
prior art and that of the hash function processing by the
second embodiment. This is an example of a case where
HMAC-SHA1 hash function processing is executed on 1500-byte
data. In the example in FIG. 44, software-based
processing, processing by a combination of a CPU and a
hash function processing circuit and processing by a
combination of an IPsec control circuit and a hash
function processing circuit are compared. It should be
noted that the configuration of the combination of the
IPsec control circuit and the hash function processing
circuit is implemented by a PLD (Programmable Logic
Device).

In the software-based processing, it takes 41,309
microseconds for encryption in the hash function
processing. In the processing by the combination of the
CPU and the hash processing circuit, it takes 2,258
microseconds for encryption in the hash function processing.
In the processing by the combination of the IPsec control
circuit and the hash processing circuit, it takes 297
microseconds for encryption in the hash function
processing.

As described above, the actual processing
performance was evaluated as to the 3DES-CBC cryptographic
processing and the HMAC-SHA1 processing. As a result, in
the 3DES-CBC cryptographic processing, the application of
the second embodiment thereto makes it possible to achieve
approximately 457 times faster process speed, compared
with the conventional software-based processing. Further,
the application of the second embodiment thereto makes it
possible to achieve approximately 5 times faster
processing speed, compared with the processing by a
combination of the dedicated cryptographic circuit and the
CPU.

In the HMAC-SHA1 hash function processing, the
application of the second embodiment thereto makes it
possible to achieve approximately 139 times faster
processing speed, compared with the software-based
processing. Further, the application of the second
embodiment thereto makes it possible to achieve
approximately 8 times faster processing speed, compared
with the processing executed by the dedicated hash
function processing circuit and the CPU.

As described above, according to the second
embodiment, it is possible to perform secure data
communication at a very high speed. Therefore, even in
streaming distribution of moving image data, it is
possible to stably transmit/receive secure data.

Further, since the cryptographic processing circuit
320 and the hash function processing circuit 330 monitor
the volume of inputted data and automatically start
encryption and authentication processing when a
predetermined volume of data has been written, it is
possible to start the processing without applying load to
the CPU and other components. This is especially
effective when data to be processed is continuously
inputted like streaming data.

Furthermore, the cryptographic processing circuit
320 and the hash function processing circuit 330
automatically recognize timing for starting processing
using a hardware macro, and the IPsec control circuit 310
continuously supplies data to be processed by
cryptographic processing and authentication processing
without a break via the respective dedicated buses, in
place of the CPU 301. This makes it possible to realize
seamless encryption and authentication processing, and to
make the most of the processing capabilities of the
cryptographic processing circuit 320 and the hash function
processing circuit 330.

As a result, even with a low-performance CPU (e.g.
with a low operation frequency), high-speed processing in
consideration of streaming can be achieved. If a low-speed
CPU is employed, lower power consumption and low-cost
manufacturing can be easily achieved.

Moreover, since a large work memory area of the CPU
301 is not occupied, processing efficiency of other
processing executed by the CPU 301 is enhanced. Further,
since the CPU occupation rate for cryptographic processing
and authentication processing is reduced, when employed as a
part of a system, it is possible to ensure secure
performance. It is also possible to realize a network
service using IPsec, which is provided at a comfortable
communication speed.

[Third Embodiment] 

A third embodiment is provided for making it
possible to perform parallel processing of cryptographic
processing and hash function processing.

FIG. 45 is a diagram showing an example of the
system configuration of a third embodiment. A security
network controller 400 according to the third embodiment
is comprised of a CPU 401, a communication interface 402,
a memory controller 403, an external connection interface
404, a plurality of IPsec control circuits 411 to 414, a
plurality of cryptographic processing circuits 421 to 424,
and a plurality of hash function processing circuits 431
to 434. These components are connected by a bus 409.

The IPsec control circuit 411 is connected to the
cryptographic processing circuit 421 and the hash function
processing circuit 431 via respective dedicated buses.
The IPsec control circuit 412 is connected to the
cryptographic processing circuit 422 and the hash function
processing circuit 432 via respective dedicated buses.
The IPsec control circuit 413 is connected to the
cryptographic processing circuit 423 and the hash function
processing circuit 433 via respective dedicated buses.
The IPsec control circuit 414 is connected to the
cryptographic processing circuit 424 and the hash function
processing circuit 434 via respective dedicated buses.

The communication interface 402 is connected to a
terminal unit 92 via the Internet 91. The memory
controller 403 is connected to a memory 405. The external
connection interface 404 is connected to a main CPU 441
within a camera system 440. The main CPU 441 controls
circuits 442 and 443 and a camera mechanism section 445
within the camera system 440.

As described above, in the third embodiment, the
circuit for performing the cryptographic processing and
the authentication processing is multiplexed. In the
example illustrated in FIG. 45, there are provided four
sets of circuits each for the cryptographic processing and
authentication processing.

Data to be processed is allocated to the plurality
of IPsec control circuits 411 to 414. Each of the IPsec
control circuits 411 to 414 controls the cryptographic
processing and hash function processing of the allocated
data.

Through multiplexing of the circuits as described
above, it is possible to process the data at a high speed
when there are a lot of data to be subjected to the
cryptographic processing and the hash function processing.
Further, also when a very high speed performance is
required in transferring data (e.g. in transferring a
printer image, e.g. at 500 to 1000 Mbps), it is possible
to obtain a desired processing speed by multiplexing the
circuits. Although the processing performance of the
security network controller 400 is enhanced by enhancing
the processing power of the CPU 401, the increase in the
processing speed of the CPU 401 demands a very highly
sophisticated manufacturing technique, which results in
the increased manufacturing costs of the circuits. If the
circuit for performing the cryptographic processing and
the hash function processing is multiplexed as shown in
FIG. 45, it is possible to carry out the cryptographic
processing and the hash function processing in parallel
with each other even with a CPU not high in performance,
whereby the speed at which each packet of data is
processed is increased. Approximate calculation shows that
the multiplexed circuit can perform the processing at a
speed four times as fast as that of a non-multiplexed
circuit.

Although in the above second and third embodiments,
the security network controllers 300 and 400 are mounted
in the camera systems 30 and 440, respectively, by way of
example, the same security network controllers can be
mounted on the sides of the terminal units 30 and 92,
respectively.

Further, the security network controller 300 may be
externally connected to a device or apparatus to be
controlled, such as the camera system 30. Even without
input means, such a configuration makes it possible to
control the camera system 30 via the Internet 31.
Moreover, by incorporating only the security network
controller according to the second or third embodiment in
a device or apparatus without changing the existing
circuits thereof, it is possible to connect the same to
various kinds of devices and apparatuses via the Internet
to realize secure and convenient services provided at a
comfortable communication speed using the IPsec function.

Although in the above second and third embodiments,
the cryptographic processing (encryption or decryption)
and the authentication processing (e.g. the hash function
processing) are carried out on data to be transmitted or
received, by way of example, this is not limitative, but
the present invention may be applied to a security network
controller for performing only one of the cryptographic
processing and the authentication processing. In a
security network controller for performing only the
cryptographic processing, the hash function processing
circuit is dispensed with, whereas in a security network
controller for performing only the authentication
processing, the cryptographic processing circuit is
dispensed with.

Further, although in the above second and third
embodiments, data to be processed is once stored in a
memory, and the IPsec control circuit 310 obtains the data
from the memory by DMA transfer, this is not limitative,
but when the IPsec control circuit 310 includes a built-in
or internal memory having a sufficient capacity, it is
also possible to directly store the data into the IPsec
control circuit 310 from the communication interface 305
or the like.

As described hereinbefore, according to the present
invention, data to be processed is obtained via the first
bus, stored in the internal memory of the data
input/output control circuit, and inputted to the
cryptographic processing circuit via the second bus.
Therefore, once the data to be processed is stored in the
internal memory of the data input/output control circuit,
it is possible to carry out cryptographic processing on
the data without operation of the CPU or using the first
bus, which reduces processing load on the CPU controlling
the system.

The foregoing is considered as illustrative only of
the principles of the present invention. Further, since
numerous modifications and changes will readily occur to
those skilled in the art, it is not desired to limit the
invention to the exact construction and applications shown
and described, and accordingly, all suitable modifications
and equivalents may be regarded as falling within the
scope of the invention in the appended claims and their
equivalents.